In June 2021, The Steamship Authority suffered a ransomware attack that encrypted critical network files, rendering systems inoperable. The attack disrupted core operations, including the inability to process or modify reservations (vehicle, passenger, or ticketing) both online and via phone. Customers faced significant delays, and transactions were limited to cash due to compromised credit card systems. While vessel safety remained unaffected radar and GPS functions stayed operational the operational paralysis caused financial strain, reputational damage, and logistical chaos. The attack forced reliance on manual processes, severely degrading service efficiency and customer trust. No explicit mention of data exfiltration was reported, but the systemic outage directly threatened the organization’s revenue streams and public perception.
Source: https://www.nbcboston.com/news/local/mass-steamship-authority-delayed-due-to-cyber-attack/2395477/
TPRM report: https://www.rankiteo.com/company/steamshipauthority
"id": "ste319092125",
"linkid": "steamshipauthority",
"type": "Ransomware",
"date": "6/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'transportation',
'location': 'Boston, MA, USA',
'name': 'The Steamship Authority (Woods Hole, Martha’s '
'Vineyard and Nantucket Steamship Authority)',
'type': 'government-owned ferry service'}],
'data_breach': {'data_encryption': True},
'date_detected': '2021-06',
'description': 'In June 2021, the network of the Woods Hole, Martha’s '
'Vineyard and Nantucket Steamship Authority (Boston, MA, USA), '
'doing business as The Steamship Authority, was attacked with '
'a form of ransomware. The ransomware attack involved malware '
'that encrypts files on the network, rendering systems '
'inoperable. This led to an inability to change/book '
'reservations, ticketing delays, and customers being unable to '
'book or change vehicle reservations online or by phone. Cash '
'was preferred for transactions due to limited credit card '
'system availability. The safety of vessels was not threatened '
'as radar or GPS functions remained unaffected.',
'impact': {'downtime': True,
'operational_impact': ['inability to change/book reservations',
'delays during ticketing',
'unable to process online/phone vehicle '
'reservations',
'preference for cash transactions due to '
'limited credit card system availability'],
'systems_affected': ['reservation systems',
'ticketing systems',
'online booking systems',
'phone booking systems',
'credit card payment systems']},
'ransomware': {'data_encryption': True},
'title': 'Ransomware Attack on The Steamship Authority',
'type': 'ransomware'}