29 November 2021

Marine services provider Swire Pacific Offshore hit by Clop ransomware


Marine services provider Swire Pacific Offshore hit by Clop ransomware

Marine services provider Swire Pacific Offshore (SPO) has suffered a data breach after it was hit by a cyberattack last week.

“Swire Pacific Offshore (SPO) has discovered that it was the target of a cyberattack which involved unauthorised access to its IT systems. The unauthorised access has resulted in the loss of some confidential proprietary commercial information and has resulted in the loss of some personal data. The cyberattack has not materially affected SPO’s global operations,” the company said in a statement.

Swire Pacific-owned Swire Pacific Offshore (SPO) is a marine services provider that operates a diverse fleet of more than 50 vessels, including Anchor Handling Tug Supply (AHTS) Vessels, Platform Supply Vessels (PSV) and a Seismic Survey Vessel. SPO owns and operates a diverse fleet in every major oil exploration region outside of US Gulf of Mexico.

While the shipping provider did not provide additional details on the nature of the cyber intrusion or what amount of data was stolen, it noted that it reported the incident to the relevant authorities and is contacting potentially affected parties to inform them about the incident.

SPO has not confirmed if the attack involved ransomware, but the Clop ransomware gang took the responsibility for the hack claiming it has breached SPO’s systems.

In the their blog the group posted screenshots of data allegedly stolen from SPO, including passport scans, sensitive company documents, employee personal information, and folder lists. Employees who appear to be most affected are based in Singapore and Malaysia, but some records belong to staff in the UK, China, and the Philippines.

In June, Ukrainian police arrested six members of the Clop ransomware gang. The suspects were accused of running a double extortion scheme, threatening to leak victims’ sensitive information if ransom demand is not paid.


Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021