Hackers stole DP World data, patch lapse blamed

afr.com:

DP World has confirmed hackers stole data during a breach that forced it to shut down ports around the country last week and which experts say was likely to have stemmed from its failure to patch a widely known security flaw.

The stevedore would not say on Wednesday whether the stolen data included employee or client information, citing its ongoing investigation into the incident.

DP World said it was still working with cybersecurity advisers to investigate the hack. Eddie Jim

The confirmation comes as government cybersecurity chief Air Marshal Darren Goldie, who was leading the response to the hack, was forced to return to Defence and went on leave over a “workplace matter”.

A DP World spokesman said of the hack: “We have determined that some data was accessed and/or exfiltrated from our Australian corporate network.

“We are undertaking a review of potentially impacted data as priority. Given the ongoing forensic work required to assess potentially impacted data, this review may take some time.

“We will provide further updates as they become available.”

DP World had not patched a vulnerability in one of its IT systems that Russian hackers were exploiting before it detected the intrusion last Friday, according to screenshots seen by The Australian Financial Review.

In response to the breach, the company shut down its systems, resulting in the crippling of about 40 per cent of the country’s import and export capacity because trucks could not collect containers from DP World facilities. It has since restarted operations.

Cybersecurity Minister Clare O’Neil and the Australian Cyber Security Centre have warned businesses to urgently update Citrix systems that are being exploited on an industrial scale by the Russian