Royal Vopak’s Malaysian Oil Storage Complex Hit by Ransomware Attack

April 24, 2023

Vopak has fallen victim to a ransomware attack in Malaysia by what appears to be the ALPHV Blackcat ransomware group. Vopak informed that its business operations in the Netherlands are not in danger.

“We can confirm that an IT incident has occurred at Pengerang Independent Terminals (PTSB) in Malaysia,” a Vopak spokesperson said. “Unauthorized persons have gained access to our data,” Vopak confirms. “The incident is under investigation and we apologize for any inconvenience caused.” The company remains operational. Critical business information was allegedly stolen, including about the company’s fuel infrastructure and systems.

read more

Dutch Electromagnet Manufacturer Kendrion hit by Cyberattack

August 29, 2023

The control technology manufacturer Kendrion was hacked. An unauthorized third party gained access to the company’s network. The company took all of its systems offline and to keep operations running, relies on an emergency plan. Based on the current status of the investigation, it cannot be ruled out that the perpetrator also obtained company data.

Kendrion location in Malente was also affected by the attack. Development and sales are currently at a standstill, production could continue. Kendrion has sent home most of the 300 employees in Malente.

Kendrion issued a statement on September it had “fully resumed all operations. The incident has had no significant impact on our customer deliveries and is not expected to have a material impact on the company’s financial results.”

read more

DDoS Attack Took Down the North Sea Port Website

June 20, 2023

A DDoS attack took down the North Sea Port website, the company that operates the ports of Vlissingen and Terneuzen in Zeeland, and the Gent port in Belgium. The website was inaccessible for several hours, starting at 8:30 a.m. on Tuesday.

By early afternoon, the attack had been repelled, and the site was up and running again. Work in the port continued as usual, those systems were not affected.

read more

Dutch Port Authority Websites Bombarded With a DDoS Attack

June 14, 2023

The Port of Rotterdam, the largest seaport in Europe, reportedly suffered a major cyberattack that knocked off its official website for hours. According to Dutch news agency RTL Nieuws, a group of pro-Russian hackers targeted the Port of Rotterdam’s website and bombarded it with a DDoS attack. The websites of several other Dutch ports, including Groningen, Amsterdam, and Den Helder were also targeted by the threat actors.

While the official websites of the port authorities in Rotterdam, Amsterdam, and Den Helder were offline for several hours, the Groningen Seaport website was offline for the entire weekend. “For us, the website is important because we can inform the public, but we are not dependent on the website,” a spokesperson for the Port of Rotterdam said.

Port authorities also said that no other internal systems were affected by the attack and systems used for handling shipping were not impacted.

The Dutch National Cyber Security Centre repo

read more

Yanfeng cyberattack disrupts production at Stellantis

November 15, 2023

A cyberattack that hit automotive parts production at Yanfeng International Automotive Technology in the US this week has had a knock-on effect at Stellantis, with the carmaker forced to halt assembly on certain lines.

In a short statement Stellantis said: “Due to an issue with an external supplier, production at some North America assembly plants has been disrupted. We are monitoring the situation and working with the supplier to mitigate any further impact to our operations.”

The carmaker said it would not provide information on affected plants or any other details. There has been no comment from Yanfeng.
Yangfeng manufactures key parts like seats, interiors, and electronics, among other components. Yanfeng also supplies General Motors but the carmaker has not yet said if it will have any impact on its current production schedule.

read more

Airbus IT System Breach Exposes Data from Thousands of Airbus Vendors

September 12, 2023

The European aerospace giant Airbus said on Tuesday that it is investigating a cybersecurity incident following reports that a hacker posted information on 3,200 of the company’s vendors to the dark web. A threat actor using the moniker “USDoD” posted Monday on BreachForums that they obtained access to an Airbus web portal after compromising the account of a Turkish airline employee. The hacker claimed to have details on thousands of Airbus vendors, including names, addresses, phone numbers and emails, according to a report from Hudson Rock.

Airbus spokesperson Philippe Gmerek confirmed to Recorded Future News that hackers breached an “IT account associated with an Airbus customer” and that the company was investigating the incident. This account was used to download business documents dedicated to this customer from an Airbus web portal, the company said.

According to the Hudson Rock, the threat actor posted the leaked information publicly without making any demands. Few details are known about the threat actor or their motivations, but they have said they are a member of the relatively new ransomware group known as “Ransomed.”

read more

Ransomware Attack at Dutch Maritime Global Logistics Company

March 17, 2023

Dutch maritime logistics company Royal Dirkzwager confirmed that it was hit with ransomware from the Play group. The attack is the latest in a string of attacks targeting the shipping industry. Company CEO Joan Blaas told The Record the ransomware attack did not have an effect on operations. The attack involved the theft of data from servers that held a range of contracts and personal information. Blaas confirmed that the Dutch Data Protection Authority has been notified of the attack and said he is in negotiations with the cybercriminals.

Blaas confirmed that the Dutch Data Protection Authority has been notified of the attack and said he is in negotiations with the cybercriminals.

read more

Customer Data Breach at KLM and Air France

January 6, 2023

Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Air France and KLM confirmed the data breach in a statement sent to BleepingComputer and said that customers’ sensitive data, such as passport or credit card numbers, was not exposed. The two airlines said that they also reported the incident to their countries’ data protection authorities.

Flying Blue is a loyalty program allowing clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards.

read more

Malta Oil Terminal, run by Evos, One of Several European Facilities Hit by a Cyberattack

February 3, 2022

“Evos said it had suffered delays at its terminals in Terneuzen in the Netherlands, Ghent in Belgium and Malta.” The company admitted to having several port terminals hit in multiple countries simultaneously: Terneuzen in The Netherlands; Ghent in Belgium and Birzebbuga in Malta. They only admitted to delays, not a complete shutdown. The Malta facility was acquired from Oiltanking last year, and could be subject to similar vulnerabilities.

Oiltanking Deutschland and Mabanaft, two German oil companies, were also hit by cyberattacks. Unconfirmed reports suggest that BlackCat ransomware may have compromised systems at these recent attacks.

read more

Household Products Giant Reckitt Benckiser Attacked by NotPetya

June 27, 2017

Household products giant Reckitt Benckiser has said last month’s malware cyber-attack could lead to a permanent loss of revenue. The attack disrupted manufacturing and ordering systems at the company, whose products include Nurofen and Dettol. Although it had “largely contained” the attack, Reckitt said the disruption meant like-for-like revenue growth in the second quarter would be down 2%. It also said it expected to lose “some further revenue permanently”

read more