Australian ports operator DP World impacted by cyberattack, partially shuts down operations

DP World Australia, a subsidiary of the global ports operator DP World and a major Australian ports operator has been the target of a cybersecurity incident that has significantly disrupted its operations across several Australian ports.

The company identified and began responding to the cyberattack on Friday, leading to a decision to restrict access to its ports in Sydney, Melbourne, Brisbane, and Fremantle as a precautionary measure to protect its employees, clients, and network systems.

No details are available about the nature of the incident nor the magnitude of the impact. It's known that the current shutdown measures have resulted in a temporary stop to the movement of goods and issues in the supply chain of goods to and from Australia that may last for several days.

The national cyber security coordinator has described the cyberattack as nationally significant, affecting crucial maritime port facilities.

The Australian government has taken an active role in addressing this incident, with Home Affairs Minister Clare O’Neil acknowledging the situation and stating that the government is coordinating a response with the help of the Australian Cyber Security Centre and the National Coordination Mechanism.

Update - as of 28th of November, DP World Australia confirmed that the cyberattack did not involve ransomware or encryption. While the attack was limited to DP World's Australian operations, the investigation revealed data theft, including personal information of current and former employees. Impacted individuals will be notified and supported to mitigate identity theft and fraud risks. The identity of the attackers remains unknown, and Australian authorities are closely involved in the response to the incident.