Global container line CMA CGM said some of its data may have been stolen after a malware attack.
Photo:
Port Authority of New York and New Jersey
CMA CGM SA said some of its data may have been stolen after a malware attack that forced the global container line to shut down its main booking platform, delay cargo deliveries and halt electronic communications with clients and customs authorities.
“We suspect a data breach and are doing everything possible to assess its potential volume and nature,” a company spokeswoman said Wednesday.
France-based CMA CGM, the world’s fourth-largest container shipping line by capacity, said late Tuesday that the cyberattack over the weekend on two of its Asia-Pacific subsidiaries was being contained and that “all communications to and from the CMA CGM Group are secure, including emails, transmitted files and electronic data interchange interfaces.”
The company said in a customer advisory that it had suspended access to electronic bookings through its websites to protect customers. It said all cargo booked before Sept. 27 was secure, but later bookings will be processed as soon as possible.
CMA CGM asked clients to make bookings through a booking platform shared with some of its biggest competitors or to call local offices.
“This indicates potential compromise and/or loss of booking data received after that point,” said Lars Jensen, chief executive of Copenhagen-based SeaIntelligence Consulting and maritime security adviser to cybersecurity firm Improsec.
People involved in the matter said the carrier was dealing with an encryption malware attack and that it had been contacted by someone claiming to be a hacker who asked for ransom in return for a decryption key.
Those people said the company’s electronic connections in the U.S. and Canada were still down on Wednesday, complicating cargo customs clearance. Global businesses, including shipping companies, rely on electronic data interchange systems to transmit information.
The company said earlier that systems at its intra-Asia arm Cheng Lie Navigation Co. and the regional Australian National Line were unavailable. The websites for both operators were still down on Wednesday.
Brokers said some offices in China, including in Shanghai and Guangzhou, had been affected and staff were asked not to use company computers.
The attack follows a series of breaches of technology networks that have hit the world’s four largest container shipping lines in recent years.
The largest of those came in 2017 when Denmark’s Maersk Line, the shipping unit of
A.P. Moller-Maersk
A/S that is the world’s biggest container operator, was hit by the global NotPetya ransomware attack that crippled the carrier’s operations for a time. It cost the carrier $300 million to repair the damage.
Chinese container line Cosco Shipping Holdings Co. was hit by a cyberattack in 2018 and Geneva-based Mediterranean Shipping Co. suffered a network outage earlier this year that was believed to be the result of a cyberattack.
Write to Costas Paris at costas.paris@wsj.com
Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
