DP World confirms data stolen in cyberattack, no ransomware used

International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. The company says no ransomware payloads or encryption was used in the attack. On November 10, 2023, DP World Australia, which handles 40% of the country's shipping container trade, was targeted by hackers who disrupted landside freight operations at five ports. In a statement from DP World Australia to BleepingComputer today, the company says that port operations resumed on November 13 and returned to normal status on November 17. Regarding the scope of the impact and the type of cyber attack, DP World has established that the security incident only affects its Australian business. At the same time, it did not find any signs of ransomware deployment on the breached systems. "DP World Australia's investigation has confirmed that the incident was confined to the Australian operations and did not impact any other markets where DP World operates," DP World told BleepingComputer. "It also confirmed that no ransomware was found or deployed within the DP World Australia network." The damage wasn't limited to the operational disruption, as DR World's investigation determined that data was stolen from its systems. "Regrettably, DP World Australia can confirm that some of its files were accessed by the unauthorized third party and a small amount of data was exfiltrated from the DP World Australia network," confirmed the spokesperson to BleepingComputer. "While the investigation has shown that customer data was not affected, some of the impacted data includes the personal information of current and previous employees of DP World Australia." All impacted individuals will be notified to take the appropriate precautions, and they will also receive support from a team of specialists and service coverage to mitigate identity theft and fraud risks associated with the data exposure. At this time it is unclear who is behind the attack, and no threat actors have claimed responsibility. It could have been a data-theft attack or a ransomware attack that was shut down before encryptors were deployed. The Australian Cyber Security Coordinator, the Australian Cyber Security Center, the Australian Federal Police, the Department of Home Affairs, and the Office of the Australian Information Commissioner have all been informed of the situation and are working closely with DP World to lessen the impact for those who had their data stolen. DP World cyberattack blocks thousands of containers in ports. Toronto Public Library confirms data stolen in ransomware attack. D.C. Board of Elections confirms voter data stolen in site hack. MGM Resorts ransomware attack led to $100 million loss, data theft. Motel One discloses data breach following ransomware attack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to DP World confirms data stolen in cyberattack, no ransomware used

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
DP World confirms data stolen in cyberattack, no ransomware used - International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. The company says no ransomware payloads or encryption was used in the attack. On November ...
11 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
7 months ago Feeds.fortinet.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
9 months ago Bleepingcomputer.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
11 months ago Therecord.media
BlackSuit ransomware gang claims attack on KADOKAWA corporation - The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. KADOKAWA is a Japanese media conglomerate that operates numerous companies in film, publishing, ...
4 months ago Bleepingcomputer.com
BlackSuit ransomware gang claims attack on KADOKAWA corporation - The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. KADOKAWA is a Japanese media conglomerate that operates numerous companies in film, publishing, ...
4 months ago Bleepingcomputer.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems - U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. Mr. Cooper is a mortgage lending company based out of Dallas, Texas, that employs ...
11 months ago Bleepingcomputer.com
Ransomware victims targeted by fake hack-back offers - Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data. Both Royal and Akira ransomware ...
9 months ago Bleepingcomputer.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
Kraft Heinz investigates hack claims, says systems 'operating normally' - Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site. Kraft Heinz is one of the world's largest food and beverage companies, with ...
10 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
What is Extortionware? How is It Different From Ransomware? - Let's look at how extortionware works, how it compares to ransomware and why the threat of extortionware is likely to continue growing in years to come. Once access is gained, the victim's data is stolen and analyzed to identify information that can ...
5 months ago Techtarget.com
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
11 months ago Securityboulevard.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
4 months ago Bleepingcomputer.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
4 months ago Bleepingcomputer.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
8 months ago Malwarebytes.com
VX-Underground malware collective framed by Phobos ransomware - A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. Phobos launched in 2018 in what is believed to be a ransomware-as-a-service derived from the ...
11 months ago Bleepingcomputer.com
Cold storage giant Americold discloses data breach after April malware attack - Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware. Americold employs 17,000 people worldwide and ...
10 months ago Bleepingcomputer.com
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)