Port of Seattle Company Cyber Security Posture
portseattle.orgFounded in 1911, the Port owns and operates Seattle-Tacoma International Airport, Fishermenโs Terminal โ home of the North Pacific fishing fleet โ and public marinas. The Port also owns two cruise ship terminals, a grain terminal, real estate assets, and marine cargo terminals through its partnership in the Northwest Seaport Alliance. Port operations help support nearly 200,000 jobs and $7 billion in wages throughout the region. Over the next 19 years, the portโs โCentury Agendaโ seeks to create an additional 100,000 jobs through economic growth while becoming the nationโs leading green and energy-efficient port.
PS Company Details
port-of-seattle
1943 employees
37796.0
922
Government Administration
portseattle.org
88
POR_2686481
In-progress
PS Risk Score (AI oriented)Between 600 and 700
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
PS Global Score.png)
Port of Seattle Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 600 and 700 |
Port of Seattle Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Port of Seattle | Ransomware | 100 | 5 | 9/2024 | POR000091624 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The Port of Seattle, operator of the Seattle-Tacoma International Airport, was targeted by a ransomware attack orchestrated by the Rhysida group in August 2024. The attack resulted in significant disruptions to internet, website, email, phone services, and key operational systems like baggage handling, check-in kiosks, and ticketing. Over 7,000 passengers' bags were affected, causing substantial inconvenience and travel delays. The Port refused to pay the ransom, leading to potential risks of leaked data. In response, crucial systems were isolated, and measures have been taken to enhance security and operations while investigations continue. | |||||||
| Port of Seattle | Ransomware | 100 | 4 | 4/2025 | POR000040625 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: In August 2024, the Port of Seattle was targeted by Rhysida ransomware group, resulting in a data breach that affected 90,000 individuals. The breach led to the unauthorized access and encryption of the port's computer systems, disrupting crucial services including baggage handling, check-ins, Wi-Fi, and parking. Personal information, including names, dates of birth, Social Security numbers, identification card numbers, and some medical information was compromised. The port's response included refusing to pay the ransom and implementing heightened security measures. Impacted individuals were offered free credit monitoring services as part of the remediation process. | |||||||
Port of Seattle Company Subsidiaries
Founded in 1911, the Port owns and operates Seattle-Tacoma International Airport, Fishermenโs Terminal โ home of the North Pacific fishing fleet โ and public marinas. The Port also owns two cruise ship terminals, a grain terminal, real estate assets, and marine cargo terminals through its partnership in the Northwest Seaport Alliance. Port operations help support nearly 200,000 jobs and $7 billion in wages throughout the region. Over the next 19 years, the portโs โCentury Agendaโ seeks to create an additional 100,000 jobs through economic growth while becoming the nationโs leading green and energy-efficient port.
Access Data Using Our API
Get company history
Rapid.png)
PS Cyber Security News
Port of Seattle Providing Notice to Individuals Affected by Fall 2024 Cyberattack
The Port of Seattle (the โPortโ) announced today notification letters are being mailed to individuals whose data was impacted in the August 2024 cyberattack.
Port of Seattle shares details of a cyberattack
The Port of Seattle has isolated its critical systems after the port identified system outages consistent with a cyberattack last month.
Port of Seattle alerting 90,000 people whose data was compromised in SEA cyberattack
Tens of thousands of people are receiving notifications from the Port of Seattle informing them that their personal data was compromised in a cyberattack.
Port of Seattle says 90,000 people impacted in 2024 ransomware attack
About 90,000 people had information accessed by ransomware hackers who breached the systems of the Port of Seattle last year. The organization โย ...
Port of Seattle official flags a cyber dilemma, โone-way streetโ with federal agencies
A ransomware attack on the Port of Seattle in August 2024 exemplifies the cybersecurity risk critical infrastructure is confronting.
'You need to invest in cybersecurity': Port of Seattle director offers advice amid ongoing outage
Port of Seattle Executive Director Steve Metruck said the investigation into the โcyber incidentโ is still ongoing.
Port Cyberattack Archive
Earlier this morning the Port of Seattle experienced certain system outages indicating a possible cyberattack. The Port isolated critical systems and is in theย ...
Port of Seattle Says 90,000 People Impacted by Ransomware Attack
The Port of Seattle says the personal information of 90000 individuals was stolen in an August 2024 ransomware attack.
Critical infrastructure continues under threat, as hackers strike at Port of Seattle and Halliburton oilfield
Critical infrastructure continues under threat, as hackers strike at Port of Seattle and Halliburton oilfield.
PS Similar Companies
I WORK FOR SA
The OFFICIAL careers page for the South Australian Government. The South Australian Public Sector is the State's largest workforce. We are an employer of choice that reflects the diverse community we serve. Our people are from a range of backgrounds and vocations, from entry level, mid-career and
Internal Revenue Service
Welcome to the Internal Revenue Serviceโs official LinkedIn account. Here, you will find the latest and greatest news and updates for taxpayers to help them understand and meet their tax responsibilities. Also, this is a place to learn about a meaningful career with the IRS. Check out the tabs above
Ministry of the Interior and Kingdom Relations
Het ministerie van BZK borgt de kernwaarden van de democratie. BZK staat voor een goed en slagvaardig openbaar bestuur en een overheid waar burgers op kunnen vertrouwen. BZK draagt eraan bij dat burgers kunnen wonen in betaalbare, veilige en energiezuinige woningen in een buurt waar iedereen meetelt
Ville de Montrรฉal
Montrรฉal est la plus grande ville francophone dโAmรฉrique et elle se distingue par sa vitalitรฉ culturelle exceptionnelle et des forces crรฉatrices reconnues mondialement. Elle se dรฉveloppe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans รฉconomique, culturel
Stadt Dortmund
Willkommen in Dortmund - einer einzigartigen Stadt voller Perspektiven! Wie in unseren Stadtzielen beschrieben, gestalten wir Dortmund zu einer aufstrebenden Groโรผstadt der Nachbarn mit attraktiven Leistungen fโยบr alle Einwohner*innen und Gโยงste. Hieran arbeiten wir mit der Expertise von unseren 11
Malmรถ stad
Bli en samhรคllsbyggare โ jobba i Malmรถ stad! Genom att arbeta i Malmรถ stad fรฅr du mรถjlighet att arbeta med hรฅllbar samhรคllsutveckling. Som en samhรคllsbyggare spelar du en viktig roll i Malmรถs utveckling och dรคrfรถr ser vi oss som framtidens arbetsplats. Mรคnniskors lika vรคrde รคr en fรถrutsรคttning fรถ
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PS CyberSecurity History Information
How many cyber incidents has PS faced?
Total Incidents: According to Rankiteo, PS has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at PS?
Incident Types: The types of cybersecurity incidents that have occurred incidents Ransomware.
How does PS detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through containment measures with Heightened security measures and remediation measures with Free credit monitoring services and containment measures with Crucial systems were isolated and enhanced monitoring with Measures have been taken to enhance security and operations.
Incident Details
Can you provide details on each incident?
Incident : Ransomware
Title: Rhysida Ransomware Attack on Port of Seattle
Description: In August 2024, the Port of Seattle was targeted by Rhysida ransomware group, resulting in a data breach that affected 90,000 individuals. The breach led to the unauthorized access and encryption of the port's computer systems, disrupting crucial services including baggage handling, check-ins, Wi-Fi, and parking. Personal information, including names, dates of birth, Social Security numbers, identification card numbers, and some medical information was compromised. The port's response included refusing to pay the ransom and implementing heightened security measures. Impacted individuals were offered free credit monitoring services as part of the remediation process.
Date Detected: August 2024
Type: Ransomware
Threat Actor: Rhysida ransomware group
Motivation: Financial Gain
Incident : Ransomware Attack
Title: Ransomware Attack on Port of Seattle
Description: The Port of Seattle, operator of the Seattle-Tacoma International Airport, was targeted by a ransomware attack orchestrated by the Rhysida group in August 2024. The attack resulted in significant disruptions to internet, website, email, phone services, and key operational systems like baggage handling, check-in kiosks, and ticketing. Over 7,000 passengers' bags were affected, causing substantial inconvenience and travel delays. The Port refused to pay the ransom, leading to potential risks of leaked data. In response, crucial systems were isolated, and measures have been taken to enhance security and operations while investigations continue.
Date Detected: August 2024
Type: Ransomware Attack
Threat Actor: Rhysida group
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident?
Incident : Ransomware POR000040625
Data Compromised: Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers, Medical information
Systems Affected: Baggage handling, Check-ins, Wi-Fi, Parking
Operational Impact: Disruption of crucial services
Incident : Ransomware Attack POR000091624
Systems Affected: internet, website, email, phone services, baggage handling, check-in kiosks, ticketing
Operational Impact: Significant disruptions to key operational systems
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers and Medical information.
Which entities were affected by each incident?
Incident : Ransomware POR000040625
Entity Type: Organization
Industry: Transportation
Location: Seattle
Customers Affected: 90,000 individuals
Incident : Ransomware Attack POR000091624
Entity Type: Government Agency
Industry: Transportation
Location: Seattle, Washington
Customers Affected: Over 7,000 passengers' bags were affected
Response to the Incidents
What measures were taken in response to each incident?
Incident : Ransomware POR000040625
Containment Measures: Heightened security measures
Remediation Measures: Free credit monitoring services
Incident : Ransomware Attack POR000091624
Containment Measures: Crucial systems were isolated
Enhanced Monitoring: Measures have been taken to enhance security and operations
Data Breach Information
What type of data was compromised in each breach?
Incident : Ransomware POR000040625
Type of Data Compromised: Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers, Medical information
Number of Records Exposed: 90,000
Sensitivity of Data: High
Data Encryption: Yes
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Free credit monitoring services.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through were Heightened security measures and Crucial systems were isolated.
Ransomware Information
Was ransomware involved in any of the incidents?
Incident : Ransomware Attack POR000091624
Ransom Paid: The Port refused to pay the ransom
Investigation Status
What is the current status of the investigation for each incident?
Incident : Ransomware Attack POR000091624
Investigation Status: Investigations continue
Post-Incident Analysis
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Measures have been taken to enhance security and operations.
Additional Questions
General Information
Has the company ever paid ransoms?
Ransom Payment History: The company has Paid ransoms in the past.
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an Rhysida ransomware group and Rhysida group.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on August 2024.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers and Medical information.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident were Baggage handling, Check-ins, Wi-Fi, Parking and internet, website, email, phone services, baggage handling, check-in kiosks, ticketing.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Heightened security measures and Crucial systems were isolated.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers and Medical information.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 90.0K.
Ransomware Information
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigations continue.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
