Swire Pacific Offshore Suffers Ransomware Attack, Exposing Personal Data of Over 2,500 Employees

Swire Pacific Offshore (SPO), a Singapore-based maritime services provider, has suffered a ransomware attack that resulted in the compromise of sensitive employee data. The attack, claimed by the Clop ransomware group, has affected the company's operations and led to the loss of confidential proprietary commercial information, as well as personal data of its seafaring and onshore personnel in 18 countries.

SPO operates a fleet of over 50 offshore support vessels and has reported the incident to the relevant authorities, while also working with external experts to investigate the attack. The company's website and likely other parts of its operations are currently offline.

The Clop ransomware group has posted screenshots of data during the attack, indicating that the ransomware gang stole passports, payroll information, ID numbers, bank account details, email addresses, and internal correspondence messages. The number of exposed individuals could reach 2,500, corresponding to the firm's seafaring and onshore personnel.

Ransomware attacks on the shipping industry have become increasingly common, with companies like A.P. Møller-Maersk, COSCO, Pitney Bowes, and the U.S. Coast Guard all reporting cyberattacks in the past. The industry is currently facing a turbulent period, with rising costs, delivery delays, shortages, and inflation, making it an attractive target for ransomware actors.

SPO will contact all potentially affected individuals to inform them about the incident, but no exact numbers have been published yet. The company's size and global operations make it a significant target for cybercriminals, highlighting the need for robust cybersecurity measures to protect sensitive data and prevent such attacks in the future.

Sources

• Swire Pacific Offshore (SPO)
• Marine services provider Swire Pacific Offshore hit by ransomware