A major cyber attack targeted Corsica Ferries, leading to a substantial data breach. The attack resulted in the loss of more than 101 GB of confidential information.
The Attack and the Perpetrators
The attack, traced back to late October 2023, was initially presented as a server outage by Corsica Ferries. Nonetheless, by the following day, the company had attempted to reassure users that services had returned to normal. The responsibility for the breach was later claimed by the hacker group ALPHV, known for their specialization in ransomware-related cyber attacks. This information was disclosed on their dark web page.
The Stolen Data
The stolen data was incredibly varied, including banking and billing details, personal data, as well as internal documents from Corsica Ferries. More specifically, these documents were designs of the company’s ships. The stolen files were eventually posted online, but they have since been removed and are no longer accessible.
The Visible Extracts
Despite the removal of the stolen files, some extracts of the company’s accounting information were visible. These included details of advertising expenditures across Europe, press relations costs in Italy, operating expenses for call centers, and a bank transaction between Corsica Ferries and one of its subsidiaries.
The full extent of the stolen data remains unclear, especially regarding whether customer personal and banking information was included. The files were purportedly published due to a lack of cooperation from Corsica Ferries, suggesting that the company did not give in to the hacker group’s ransom demands.