Shipping firm warns that hackers may leak confidential information

Clarksons provides services to the global shipping industry.
Image: iStock
Global shipping firm Clarksons has warned that confidential data stolen as a result of a ‘cyber security incident’ could be made public following the company’s refusal to pay a ransom to hackers.
In statement, the shipbroker – one of the largest in its sector – said that it had fallen victim to a “criminal attack” in which attackers gained unauthorised access to the company’s computer systems via the use of a “single and isolated user account” which Clarksons has since disabled.
Clarksons – which has 49 offices in 21 countries – hasn’t disclosed what information has potentially been stolen by hackers, only that the data in question is “confidential”. While the company hasn’t disclosed when the breach took place or when it was discovered, it says it look took “immediate steps to respond to and manage the incident”.
A Clarksons spokesperson told ZDNet that due to the ongoing investigation into the incident, it’d be inappropriate to make any further comment about what happened at this time.
However, the company has issued a warning that the data might be at risk of being made public because those behind the attack have now threatened to release it after the shipbroker refused to pay them a ransom.
“Today, the person or persons behind the incident may release some data. As a responsible global business, Clarksons has been working with the police in relation to this incident. In addition, the data at issue is confidential and lawyers are on standby wherever needed to take all necessary steps to preserve the confidentiality in the information,” the company said.
“I hope our clients understand that we would not be held to ransom by criminals, and I would like to sincerely apologise for any concern this incident may have understandably raised.” said Andi Case, CEO of Clarksons.
The company is in the process of directly contacting potentially affected clients and individuals, as well as working with the police and security experts in response to the attack. The company also says it has contacted the relevant regulatory bodies about the incident.
“内鬼”出售个人信息获利的案子隔些日子就曝光一例,相信以后还将继续下去,运营商收集用户那么多个人信息干嘛,如果是应监管当局的要求,也该分个级别吧,

See also: What is GDPR? Everything you need to know about the new general data protection regulations
“Issues of cybersecurity are at the forefront of many business agendas in today’s digital and commercial landscape and, despite our extensive efforts we have suffered this criminal attack,” said Case.
“As you would rightly expect, we’re working closely with specialist police teams and data security experts to do all we can to best understand the incident and what we can do to protect our clients now and in the future.
“We hope that, in time, we can share the lessons learned with our clients to help stop them from becoming victims themselves,” Case added.
READ MORE ON CYBER CRIME2017’s biggest hacks, leaks, and data breaches — so far8 steps to take within 48 hours of a data breach [TechRepublic]New NSA leak exposes Red Disk, the Army’s failed intelligence systemUber data breach ‘raises huge concerns’ for UK watchdog [CNET]Bad passwords and weak security are making ships an easy target for hackers
Related Topics:
网络安全法宣传推广视频 004《网络安全法》的突出亮点
Security TV
Data Management
我们相信科学,安全无百分百,任何一种信息系统在安全防范方面都难做到万无一失,所以网络信息安全的控制不能局限在防范和侦测措施方面,还要让我们的系统具备容错机制和故障恢复能力,重要系统采用高可靠性架构和异地灾备。

猜您喜欢

保密讲堂第一弹:准确定密并正确标识国家秘密
做安全就要得罪人么?
LMS学习管理系统管理员快速操作指南
99%的上海人都不知道的交通卡充值新姿势!
WORLDOFSTOCK CARLYLEHYSTAD
人人需知的云计算安全知识