DP World Australia has issued a detailed statement on the incident and its ongoing investigations after completely suspending its port operations in Australia.
DP World has confirmed that some data was exfiltrated during the incident, even though no ransomware has been found and no data has been encrypted.
The incident was limited to the Australian operations and had no effect on any other markets in which DP World operates, according to DP World Australia’s investigation, a spokesperson said in a statement. Additionally, it verified that no ransomware—that is, no ransomware executables, encrypted files, or ransom demands—was discovered or used within the DP World Australia network.
DP World Australia regrets to inform you that a small amount of data was exfiltrated from the DP World Australia network and that an unauthorized third party accessed some of its files. Although the inquiry has revealed that customer data was unaffected, personal data belonging to DP World Australia employees, both past and present, was.
The type of data impacted and the total number of people affected have not been disclosed by DP World Australia.
When DP World Australia discovered unauthorized access to its network for the first time on November 10, that is when the incident happened. The business immediately turned off its networks in an effort to contain the incident, which also resulted in the termination of “land-side port operations.” November 13 saw the return of operations, and by November 20, the entire backlog had been cleared.
DP World Australia is currently getting in touch with those who have been affected and has established a cyber response team to assist those whose data has been compromised. In addition to IDCARE and Equifax services, the company provides support through its employee assistance program.
In addition, DP World Australia has been collaborating closely with the relevant ministers, the Australian Cyber Security Centre, the AFP, Home Affairs, and the Australian Cyber Security Coordinator.
“We acknowledge the impact of this cyber security incident as an important part of Australia’s logistics and supply chain,” said Nicolaj Noes, executive vice-president for Oceania, Asia-Pacific region at DP World, in a statement.
“We express our gratitude to our stakeholders, customers, and staff for their unwavering support and patience throughout the incident and the ongoing investigation.”
Data Theft of Employees In The DP World Cyberattack
The recent cyberattack that forced the closure of four Australian terminals resulted in the theft of employee data, as confirmed by DP WORLD.
The “unauthorized third party” responsible for the attack, according to DP World, was able to access certain files and exfiltrate “a small amount of data” from the Australian network of the terminal operator.
Based on an investigation, DP World said that customer data was unaffected; however, the personal data of both current and former employees was affected.
According to DP World, their investigation verified that the event only affected their Australian operations and had no effect on any other markets in which they are present.
It also verified that the Australian network of DP World had not been infected with or exposed to ransomware.
DP World said that it has formed a “cyber response team” for those affected and is currently in the process of informing them.
On November 10, a Friday, the technology team at DP World discovered unauthorized access to the company’s Australian corporate network.
In an effort to contain the situation, DP World cut off the network’s connection to the internet. Although the incident was successfully contained, the company claimed that this had an impact on land-side port operations.
According to DP World, since the incident’s initial discovery, its Australian team and advisors have put in a great deal of effort to restore operations and assess its effects.
The company stated, “DP World Australia’s incident response was instrumental in its ability to successfully identify, protect, detect, respond to, and recover from the incident.”
The Australian Federal Police, the Australian Cyber Security Centre, the Department of Home Affairs, Ministers Clare O’Neil and Catherine King, the Office of the Australian Information Commissioner, and numerous state and territory agencies have all been collaborating with DP World during the incident, according to the company.