Hackers Demand $6 Million for Files Stolen From Seattle Airport in Cyberattack

Ransom Demand After Cyberattack on Seattle-Tacoma International Airport

Hackers are demanding $6 million in bitcoin from the Port of Seattle, the operator of Seattle-Tacoma International Airport, following a cyberattack that compromised sensitive data last month. The ransomware group responsible, believed to be Rhysida, posted stolen documents on the dark web earlier this week, according to airport officials.

Airport Operator Refuses to Pay Ransom

Lance Lyttle, the airport’s managing director of aviation, confirmed that the Port of Seattle has decided not to pay the $6 million ransom, citing it as an inappropriate use of taxpayer funds. The hackers are demanding 100 bitcoin to retrieve stolen files. The FBI has launched a criminal investigation into the attack, Lyttle informed a U.S. Senate committee on Wednesday.

Details of the Cyberattack and Stolen Data

While Lyttle did not disclose the exact nature of the stolen documents, he indicated that the airport would contact any individuals whose personal information may have been compromised. The hackers gained access to and encrypted some of the airport’s data, though airport systems managed to halt further escalation of the attack. On Monday, the cybercriminals posted eight files from the airport’s systems on a dark web forum, demanding payment for the rest.

Disruption During a Busy Travel Period

The cyberattack, which began on August 24, occurred at a critical time—a week before the Labor Day holiday weekend, one of the busiest travel periods of the year. While flights were not disrupted, the attack significantly impacted airport operations, including ticketing, check-in kiosks, and baggage handling. Passengers flying with smaller airlines had to rely on paper boarding passes.

Link to Other Cyberattacks

This incident follows a similar attack on the city of Columbus, Ohio, last month, which was also attributed to the Rhysida ransomware group. In that case, city officials downplayed the significance of the stolen data, and no ransom demand was made. The Port of Seattle, however, is taking the attack seriously, with ongoing efforts to mitigate the damage and protect sensitive information.

FBI Investigation Underway

The FBI has opened a criminal investigation into the Seattle-Tacoma International Airport attack. The airport continues to recover from the incident, and officials are working to ensure no further data leaks occur.