30,000 containers were held hostage in the country's ports.
In November, the international logistics company DP World faced a large-scale cyber attack on its Australian division, which led to disruptions in the company's operations and data leaks. The hacker attack affected 40% of Australia's container traffic, causing delays in processing 30,137 containers and overflowing storage areas.
The company told BleepingComputer that operations at the five affected ports were restored on November 13, and the situation returned to normal by November 17. The detained containers were fully processed by November 20, which indicates a rapid recovery from violations.
According to the results of the DP World investigation, it became known that the attack affected exclusively the Australian division, which is the largest port operator in the country. It is important to note that although the hackers did not use ransomware or encryption, a data leak was recorded. Representatives of the company stressed that no traces of ransomware, encrypted files or ransom demands were found in the DP World Australia network.
No less significant is the fact of data leakage, including personal information of current and former employees of DP World Australia. The company confirmed that despite the absence of damage to client data, unauthorized exfiltration of some files was performed.
In response to the incident, DP World took steps to minimize the risks of data leakage, including disabling the Internet to prevent unauthorized access, informing and providing support to affected employees. It is not yet clear who is behind the attack, and no groups of attackers have admitted responsibility, which leaves the motives and nature of the attack uncertain.
Australian regulators, including the Information Commissioner's Office (ICO), are actively working with DP World to reduce the impact of data breaches and strengthen protection against future cyber threats.
In November, the international logistics company DP World faced a large-scale cyber attack on its Australian division, which led to disruptions in the company's operations and data leaks. The hacker attack affected 40% of Australia's container traffic, causing delays in processing 30,137 containers and overflowing storage areas.
The company told BleepingComputer that operations at the five affected ports were restored on November 13, and the situation returned to normal by November 17. The detained containers were fully processed by November 20, which indicates a rapid recovery from violations.
According to the results of the DP World investigation, it became known that the attack affected exclusively the Australian division, which is the largest port operator in the country. It is important to note that although the hackers did not use ransomware or encryption, a data leak was recorded. Representatives of the company stressed that no traces of ransomware, encrypted files or ransom demands were found in the DP World Australia network.
No less significant is the fact of data leakage, including personal information of current and former employees of DP World Australia. The company confirmed that despite the absence of damage to client data, unauthorized exfiltration of some files was performed.
In response to the incident, DP World took steps to minimize the risks of data leakage, including disabling the Internet to prevent unauthorized access, informing and providing support to affected employees. It is not yet clear who is behind the attack, and no groups of attackers have admitted responsibility, which leaves the motives and nature of the attack uncertain.
Australian regulators, including the Information Commissioner's Office (ICO), are actively working with DP World to reduce the impact of data breaches and strengthen protection against future cyber threats.
