Hackers Demand $5.7 Million Ransom For Seattle Airport Data
Hackers attacked Seattle-Tacoma International Airport and the Port of Seattle last month, stealing roughly three terabytes of data while snarling ticketing and baggage systems. Airport officials stated today that it won’t pay the 100-bitcoin (or $5.7 million) ransom to prevent the stolen information from being posted publicly. It’s not clear what was taken, but the hackers claim to have internal logins along with personal staff and customer data.
Officials confirmed that the Russian ransomware gang Rhysida was behind the cyberattack and ransom demands, according to the Seattle Times. The group is illicitly auctioning off the data, including a passport scan of a Port employee as a sample. Sea-Tac Airport managing director Lance Lyttle told the U.S. Senate’s Commerce, Science and Transportation Committee on Wednesday:
“We’re currently reviewing the files published on the leak site, as well as others we believe were copied. With regards to paying the ransom, that was contrary to our values and we don’t think it’s the best use of public funds.”
Rhysida attacked the British Library last year, demanding around $800,000 in Bitcoin after stealing employee passport scans, work contracts and emails. The group targeted Columbus, Ohio last month, infiltrating the city’s computer systems, but didn’t demand a ransom after that cyberattack. It’s not clear why the group took aim at the airport in Washington State. During the attack, small airlines using Sea-Tac’s common-use gates resorted to handwritten boarding passes and baggage destinations, creating massive delays.