The Port of Seattle has confirmed that a sophisticated ransomware attack compromised the personal information of nearly 90,000 individuals, with the majority believed to be residents of Washington state. The breach, which occurred in August, has been attributed to the Rhysida ransomware group—an emerging cyber threat that has been targeting critical infrastructure and organizations worldwide since its appearance in May 2023.
According to an official statement from the Port of Seattle, unauthorized access to previously used internal systems led to the theft of sensitive personal data. The compromised information includes full names, dates of birth, Social Security numbers, state-issued identification or driver’s license numbers, and limited medical details. The affected systems primarily held data related to past employees, contractors, and parking services—not passenger information.
“The Port holds very little personal data related to airport or maritime passengers, and systems used to process payments or active operations were not impacted,” the Port clarified. Since the breach, officials say there has been no evidence of continued unauthorized access to their systems.
As part of its response, the Port is offering complimentary credit monitoring and identity protection services to all individuals whose data was affected by the breach. Impacted individuals have been notified and urged to take precautionary steps to monitor their financial and personal accounts.
Cybersecurity experts note that the Rhysida ransomware group, which operates as a ransomware-as-a-service (RaaS) collective, has increasingly targeted government agencies, healthcare providers, and educational institutions across the U.S., raising national concerns over digital infrastructure vulnerabilities.
The Port of Seattle says it has implemented additional security measures since the incident and is working closely with cybersecurity professionals and law enforcement to prevent future attacks.
