Clarksons reveals more details of last year’s data breach

Shipbroker Clarksons has provided more details via a release about the cyber attack it uncovered last November.

On November 7 last year Clarksons learned that it was the subject of a cyber security incident in which an unauthorised third party accessed certain Clarksons’ computer systems in the UK, copied data, and demanded a ransom for its safe return. As soon as the incident was discovered, Clarksons said it took steps to respond to and manage the incident, including launching an immediate investigation into the nature and scope of the event, notifying regulators, working with third party forensic investigators, and informing law enforcement.

Clarksons quickly learned that the unauthorised third party had gained access to its system from May 31, 2017 until November 4, 2017. Clarksons learned that the unauthorized access was gained via a single and isolated user account. Upon discovering this access, Clarksons immediately disabled this account.

Through the investigation and legal measures, Clarksons was then able to successfully trace and recover the copy of the data that was illegally copied from its systems.

While Clarksons was able to successfully trace and recover the copy of the data that was illegally copied from its systems, as a precautionary measure, Clarksons has also been working, in cooperation with law enforcement and forensic investigators, to determine what data may have been involved. Clarksons has since been notifying potentially affected individuals.

While the potentially affected personal information varies by individual, this data may include: date of birth, contact information, medical information, tax information, insurance information, social security number, CV / resume, driver’s license/vehicle information, bank account information, passport information, payment card information, ethnicity, digital signature, visa/travel information, financial information, criminal conviction information, login information, seafarer information, and address information.

Clarksons revealed also that it is offering potentially affected individuals access to one year of identity protection services. This service is being offered at no cost and will be paid for by Clarksons.

The Clarksons cyber attack joins a growing list of shipping-related firms hit by hackers recently, most notably Maersk and Cosco.

Sam Chambers

Starting out with the Informa Group in 2000 in Hong Kong, Sam Chambers became editor of Maritime Asia magazine as well as East Asia Editor for the world’s oldest newspaper, Lloyd’s List. In 2005 he pursued a freelance career and wrote for a variety of titles including taking on the role of Asia Editor at Seatrade magazine and China correspondent for Supply Chain Asia. His work has also appeared in The Economist, The New York Times, The Sunday Times and The International Herald Tribune.
Back to top button