UK shipping giant deals with data breach by the book, recovers stolen data

Strengthening the notion that a single vulnerable endpoint, or unwary employee, can grant hackers safe passage into an organization’s entire infrastructure, British shipping company Clarksons PLC this week confirmed the discovery of a data breach that it suffered between May and November of last year.

Clarksons put out a press release on July 30 to notify anyone concerned that the firm “was the subject of a cyber security incident in which an unauthorized third party accessed certain Clarksons’ computer systems in the UK, copied data, and demanded a ransom for its safe return.”

As soon as the company caught wind of the incident, Clarksons launched an investigation and took steps to respond to incident and mitigate the risks. The steps it took, per the company’s notice, were “notifying regulators, working with third party forensic investigators, and informing law enforcement.”

Clarksons learned through the investigation that the attacker had gained access to its systems sometime starting with May 31, 2017. The bad actor reportedly had access to the personal data of an unspecified number of individuals, from May through November of the same year. The data, which the perpetrator copied and demanded ransom for its safe return, included: date of birth, contact information, medical information, tax information, insurance information, Social Security number, CV / resume, driver’s license/vehicle information, bank account information, passport information, payment card information, ethnicity, digital signature, visa/travel information, financial information, criminal conviction information, login information, seafarer information, and address information.

“Clarksons learned that the unauthorized access was gained via a single and isolated user account.  Upon discovering this access, Clarksons immediately disabled this account,” the notice reads. “Through the investigation and legal measures, Clarksons were then able to successfully trace and recover the copy of the data that was illegally copied from its systems.”

Clarksons is now notifying potentially affected individuals out of an abundance of caution, according to the press release.

Immediately after learning of the breach, Clarksons enhanced its security measures and is now providing potentially affected individuals with information about this event and about the further steps individuals may take to best protect their personal information. The company is further offering potentially affected individuals access to one year of identity protection services at no cost.

Leave a Reply