International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. The company says no ransomware payloads or encryption was used in the attack. On November 10, 2023, DP World Australia, which handles 40% of the country's shipping container trade, was targeted by hackers who disrupted landside freight operations at five ports. In a statement from DP World Australia to BleepingComputer today, the company says that port operations resumed on November 13 and returned to normal status on November 17. Regarding the scope of the impact and the type of cyber attack, DP World has established that the security incident only affects its Australian business. At the same time, it did not find any signs of ransomware deployment on the breached systems. "DP World Australia's investigation has confirmed that the incident was confined to the Australian operations and did not impact any other markets where DP World operates," DP World told BleepingComputer. "It also confirmed that no ransomware was found or deployed within the DP World Australia network." The damage wasn't limited to the operational disruption, as DR World's investigation determined that data was stolen from its systems. "Regrettably, DP World Australia can confirm that some of its files were accessed by the unauthorized third party and a small amount of data was exfiltrated from the DP World Australia network," confirmed the spokesperson to BleepingComputer. "While the investigation has shown that customer data was not affected, some of the impacted data includes the personal information of current and previous employees of DP World Australia." All impacted individuals will be notified to take the appropriate precautions, and they will also receive support from a team of specialists and service coverage to mitigate identity theft and fraud risks associated with the data exposure. At this time it is unclear who is behind the attack, and no threat actors have claimed responsibility. It could have been a data-theft attack or a ransomware attack that was shut down before encryptors were deployed. The Australian Cyber Security Coordinator, the Australian Cyber Security Center, the Australian Federal Police, the Department of Home Affairs, and the Office of the Australian Information Commissioner have all been informed of the situation and are working closely with DP World to lessen the impact for those who had their data stolen. DP World cyberattack blocks thousands of containers in ports. Toronto Public Library confirms data stolen in ransomware attack. D.C. Board of Elections confirms voter data stolen in site hack. MGM Resorts ransomware attack led to $100 million loss, data theft. Motel One discloses data breach following ransomware attack.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000