UK Shipping firm Clarksons falls victim to hybrid ransomware / data theft extortion

Shipping company Clarksons has fallen victim to a major ransomware attack that could result in the exposure of private data, the company warned today.

The statement continued: "Our initial investigations have shown the unauthorised access was gained via a single and isolated user account which has now been disabled."

Clarksons confirmed the attack in a statement to the London Stock Exchange this morning. It claims that the attacker stole some of the company's more sensitive data and threatened to release it unless the company paid a ransom.

The company, though, has chosen not to pay up, and has warned shareholders and customers accordingly.

In a statement to the London Stock Exchange today, the company said that it has notified the police: "Clarksons has been working with data security specialists to investigate further and has notified the relevant regulatory bodies.

"Clarksons takes issues of IT security extremely seriously and continues to invest heavily to further enhance the systems and procedures it has in place.

"As part of this, the Company is continuing with a wider review of cyber security that began earlier this year and is, for example, accelerating the roll-out of various additional IT security measures."

The world's largest shipping company, founded in 1852, is alerting any customers who may have been caught up in the attack, although it hasn't given any details on the number of users affected.

It's highly probable this was a phishing or spear phishing attack that could have been prevented with new-school security awareness training.

I strongly suggest you get a quote for new-school security awareness training for your organization and find out how affordable this is. You simply have got to start training and phishing your users ASAP because your filters never catch all of it. Get a quote now and you will be pleasantly surprised.