According to Shipping Watch, the message that CMA CGM sent out to its customers reads as follows:
We wish to inform you that a leak of data on limited customer information (first and last names, employer, position, email address and phone number) has been detected during our surveillance operations on the Group’s APIs [application programming interfaces, -ed]
Last year’s cyber attack on CMA CGM occured on September 28th. As a result of the attack, bookings had to be made via 3rd party platforms and some important CMA CGM features were unavailable online. The issue was not fully remedied until almost 2 weeks later.
Commenting on last year’s cyber attack on LinkedIn, shipping expert Lars Jensen encouraged organisations to make improvements to their security:
All should heed two key pieces of advice:
– Strengthen your defenses. This will reduce the likelihood of a successful attack and limit the damage when hit.
– No matter how good your defenses are, there is still a risk. It is imperative to have a solid contingency plan keeping you running potentially for weeks.
To illustrate his point, Jensen also described the situation as being like a fire on a ship:
It is no different than a fire on a vessel. Reduce the risk of the fire happening at all. If a fire breaks out, ensure the design of the vessel hinders the spread. Have a fire-fighting plan that is clear and well-rehearsed.
Unfortunately for CMA CGM, whatever measures (if any) were implemented following last years incident have not managed to prevent another cyber attack occurring.
Photo: wallpaperflare.com