Breach Notification , Critical Infrastructure Security , Cybercrime

Shipping Giant CMA CGM Hit With Second Attack

Compromised PII Includes Names, Email and Phone Numbers
Shipping Giant CMA CGM Hit With Second Attack

The French shipping firm CMA CGM reported on Monday that it had been struck with a data breach almost a year after it was hit with a ransomware attack that knocked its systems offline for several days.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

"We wish to inform you that a leak of data on limited customer information (first and last names, employer, position, email address and phone number) has been detected during our surveillance operations on the Group's APIs," CMA CGM said in a statement. "Our IT teams have immediately developed and installed security patches."

CMA CGM gave out few details and did not list the type of attack, when it occurred, the reason for the breach or how many records had been compromised. But a few clues can be drawn from a warning included in the statement to customers.

The company said: "Do not share your account password or any personal information. CMA CGM will never ask them from you. Always check the authenticity of an email requesting you to log in to our platforms (especially if requested to reset your password), even if it seems to be sent by the CMA CGM Group."

CMA CGM is headquartered in Marseille, France. It generated $34.8 billion in revenue in 2020 and has 110,000 employees.

Other Shipping Attacks

The company reported in a series of tweets on Sept. 28, 2020, that it had suffered an undisclosed malware attack that knocked some of its systems offline.

At the time, the website Lloyd's List reported it had confirmed through the company that the attack was launched by the Ragnar Locker ransomware gang.

Over the past several years, some of the world's major shipping companies have come under attack. In July 2018, the Chinese-owned Cosco was hit by an attack that disabled its IT systems in the U.S.

In 2017, the Danish Maersk Line was involved in the global NotPetya attack, which cost the Danish carrier up to $300 million and forced the shipping giant to reroute ships. It was also unable to dock or unload cargo ships in dozens of ports.

About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to, TheStreet and Mainstreet.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.