In November, the international logistics company DP World experienced a large-scale cyber attack on its Australian unit, resulting in disruptions to the company’s operations and the leakage of data. The attack had a significant impact, affecting 40% of Australia’s container transportation and causing delays in the processing of 30,137 containers, as well as an overflow of warehouse space.
According to a report by BleepingComputer, DP World announced that operations at five affected ports had been restored by November 13, and by November 17, the situation had been normalized. All detained containers were fully processed by November 20, indicating a rapid recovery following the disruptions.
The investigation conducted by DP World revealed that the attack targeted only the Australian unit, which is the largest port operator in the country. It is worth noting that although the hackers did not utilize carriers or encryption programs, a data leak was detected. Company representatives emphasized that the DP World Australia network did not find any evidence of programs, encrypted files, or ransom demands.
Equally significant is the fact that personal information of both current and former DP World Australia employees was leaked, although no damage to client data was reported. The company confirmed that some files were unauthorizedly extracted.
In response to the incident, DP World has taken measures to minimize the risk of data leakage, such as disconnecting from the internet to prevent unauthorized access, as well as informing and offering support to affected employees. The identity of the attacker remains unclear, and no specific group has taken responsibility for the attack, leaving the motives and nature of the attack uncertain.
Australian regulators, including the Office of the Commissioner on Information (Information Commissioner’s Office (ICO)), are actively collaborating with DP World to mitigate the consequences of the data leak and enhance protection against future cyber attacks.