PS
Company Details
Linkedin ID:
port-of-seattle
Website:
Employees number:
2,020
Number of followers:
42,807
NAICS:
92
Industry Type:
Homepage:
portseattle.org
IP Addresses:
88
Company ID:
POR_2686481
Scan Status:
Completed
Port of Seattle Company CyberSecurity Posture
portseattle.org
Founded in 1911, the Port owns and operates Seattle-Tacoma International Airport, Fishermen’s Terminal — home of the North Pacific fishing fleet — and public marinas. The Port also owns two cruise ship terminals, a grain terminal, real estate assets, and marine cargo terminals through its partnership in the Northwest Seaport Alliance. Port operations help support nearly 200,000 jobs and $7 billion in wages throughout the region. Over the next 19 years, the port’s “Century Agenda” seeks to create an additional 100,000 jobs through economic growth while becoming the nation’s leading green and energy-efficient port.
Port of Seattle A.I CyberSecurity Scoring
PS Risk Score (AI oriented)Between 0 and 549
PS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PS Global Score (TPRM)XXXX
PS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PS Company CyberSecurity News & History
Past Incidents
3
Attack Types
2
Port of Seattle
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: On August 24, 2024, the Port of Seattle fell victim to a targeted cyberattack that disrupted its operational infrastructure, including cargo handling, scheduling, and logistics systems. As one of the largest U.S. ports, the breach created cascading delays in national and international trade, exposing critical vulnerabilities in maritime cybersecurity. The attack resulted in significant financial losses due to operational halts, while sensitive data—potentially including trade records, logistical plans, or partner communications—was compromised. The incident underscored the port’s role as a high-value target for cybercriminals, given its strategic importance to supply chains and economic stability. Recovery efforts faced challenges in restoring trust among shipping partners and mitigating long-term reputational damage, as the attack highlighted systemic risks in port authority cyber defenses. The broader implications included potential regulatory scrutiny and calls for strengthened cybersecurity measures across the maritime sector.
Port of Seattle
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The Port of Seattle, operator of the Seattle-Tacoma International Airport, was targeted by a ransomware attack orchestrated by the Rhysida group in August 2024. The attack resulted in significant disruptions to internet, website, email, phone services, and key operational systems like baggage handling, check-in kiosks, and ticketing. Over 7,000 passengers' bags were affected, causing substantial inconvenience and travel delays. The Port refused to pay the ransom, leading to potential risks of leaked data. In response, crucial systems were isolated, and measures have been taken to enhance security and operations while investigations continue.
Port of Seattle
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In August 2024, the Port of Seattle was targeted by Rhysida ransomware group, resulting in a data breach that affected 90,000 individuals. The breach led to the unauthorized access and encryption of the port's computer systems, disrupting crucial services including baggage handling, check-ins, Wi-Fi, and parking. Personal information, including names, dates of birth, Social Security numbers, identification card numbers, and some medical information was compromised. The port's response included refusing to pay the ransom and implementing heightened security measures. Impacted individuals were offered free credit monitoring services as part of the remediation process.
PS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PS
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Port of Seattle in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Port of Seattle in 2025.
Incident Types PS vs Government Administration Industry Avg (This Year)
No incidents recorded for Port of Seattle in 2025.
Incident History — PS (X = Date, Y = Severity)
PS cyber incidents detection timeline including parent company and subsidiaries
PS Company Subsidiaries
Founded in 1911, the Port owns and operates Seattle-Tacoma International Airport, Fishermen’s Terminal — home of the North Pacific fishing fleet — and public marinas. The Port also owns two cruise ship terminals, a grain terminal, real estate assets, and marine cargo terminals through its partnership in the Northwest Seaport Alliance. Port operations help support nearly 200,000 jobs and $7 billion in wages throughout the region. Over the next 19 years, the port’s “Century Agenda” seeks to create an additional 100,000 jobs through economic growth while becoming the nation’s leading green and energy-efficient port.
Loading...
PS Similar Companies
State of Florida
Join Florida’s talented workforce to fulfill your professional goals and achieve a meaningful career. Our talented public servants work hard to serve more than 19 million residents across Florida, and you, too, can realize success in the Sunshine State. Working in Florida’s state government mean
Ville de Montréal
Montréal est la plus grande ville francophone d’Amérique et elle se distingue par sa vitalité culturelle exceptionnelle et des forces créatrices reconnues mondialement. Elle se développe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans économique, culturel
State of Michigan
Every day the contributions and achievements of State of Michigan employees have a direct impact on over 10 million Michiganders across the state. If you're looking for a fulfilling career in state government that can make a real difference in the lives of others, you can find your place working wit
Secretaría de Educación Pública
MISIÓN/PROPÓSITO: La SEP tiene como propósito esencial crear condiciones que permitan asegurar el acceso de todas las mexicanas y mexicanos a una educación de calidad, en el nivel y modalidad que la requieran y en el lugar donde la demanden. VISIÓN: En el año 2025, México cuenta con un sistema
eThekwini Municipality
EThekwini Municipality is a Metropolitan Municipality found in the South African province of KwaZulu-Natal. Home to the world-famous city of Durban. EThekwini is the largest City in the province and the third largest city in the country. It is a sophisticated cosmopolitan city of over 3 468 088 peop
US Environmental Protection Agency (EPA)
U.S. Environmental Protection Agency’s (EPA) mission is to protect human health and the environment. EPA works to ensure that: - Americans have clean air, land and water; - National efforts to reduce environmental risks are based on the best available scientific information; - Federal laws protecti
State of California
Californians deserve a government that works for them and with them. One that will work to ensure opportunity and justice. We are building a California not for the few, but for all — including those who have historically been left out. We are doing the work to make our state a place for every Cali
Department of Health (Philippines)
The Philippine Department of Health (abbreviated as DOH; Filipino: Kagawaran ng Kalusugan) is the executive department of the Philippine government responsible for ensuring access to basic public health services by all Filipinos through the provision of quality health care and the regulation of all
U.S. Department of Homeland Security
The Department of Homeland Security (DHS) has a vital mission: to secure the nation from the many threats we face. This requires the hard work of more than 260,000 employees in jobs that range from aviation and border security to emergency response, from cybersecurity analyst to chemical facility in
.png)
PS CyberSecurity News
November 06, 2025 08:00 AM
Seattle-Tacoma Joins Hartsfield-Jackson, and LAX Airports To Face Massive Cyberattacks Where Thousands of Passengers Were Stranded Giving Surge to Travel Chaos: Is Your Future Air Travel In Jeopardy?
Seattle-Tacoma International Airport (SEA) faced a ransomware attack on August 24, 2024, disrupting airport systems and triggering system...
September 09, 2025 07:00 AM
Protecting U.S. Ports Requires Congress to Get Cyber-Specific
Cranes are a crucial part of the supply chain that keeps shelves stocked across the United States; but who controls them, American operators...
June 27, 2025 07:00 AM
Hawaiian Airlines Hit by Cybersecurity Incident
The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled.
June 20, 2025 07:00 AM
WestJet cyberattack remains unresolved one week in, but operations unaffected
A cyberattack against WestJet that began last week remains unresolved, as questions linger about the nature and fallout of the breach.
April 22, 2025 07:00 AM
Rebuilding Maritime Cybersecurity Resilience: Charting an America First Course to Secure the U.S. Homeland
Strengthening U.S. maritime cybersecurity in 2025 is vital. Learn about recent port cyberattacks and key steps to secure America's ports and...
April 15, 2025 07:00 AM
Maritime Vulnerabilities: Coast Guard focusing on cybersecurity threats
Cyber threats, port vulnerabilities, Dali crash, Coast Guard, ransomware, Chinese cranes, maritime security, GAO report.
April 14, 2025 07:00 AM
Aviation sector faces heightened cyber risks due to vulnerable software, aging tech
A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.
April 10, 2025 07:00 AM
Breach Roundup: Port of Seattle Notifies 90,000 Victims
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, Port of Seattle...
April 10, 2025 07:00 AM
Port of Seattle Alerts Individuals Affected By August 2024 Cyberattack
The Port of Seattle has announced that notification letters are being sent to individuals whose personal data was compromised during the cyberattack in August...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PS CyberSecurity History Information
Official Website of Port of Seattle
The official website of Port of Seattle is http://www.portseattle.org.
Port of Seattle’s AI-Generated Cybersecurity Score
According to Rankiteo, Port of Seattle’s AI-generated cybersecurity score is 523, reflecting their Critical security posture.
How many security badges does Port of Seattle’ have ?
According to Rankiteo, Port of Seattle currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Port of Seattle have SOC 2 Type 1 certification ?
According to Rankiteo, Port of Seattle is not certified under SOC 2 Type 1.
Does Port of Seattle have SOC 2 Type 2 certification ?
According to Rankiteo, Port of Seattle does not hold a SOC 2 Type 2 certification.
Does Port of Seattle comply with GDPR ?
According to Rankiteo, Port of Seattle is not listed as GDPR compliant.
Does Port of Seattle have PCI DSS certification ?
According to Rankiteo, Port of Seattle does not currently maintain PCI DSS compliance.
Does Port of Seattle comply with HIPAA ?
According to Rankiteo, Port of Seattle is not compliant with HIPAA regulations.
Does Port of Seattle have ISO 27001 certification ?
According to Rankiteo,Port of Seattle is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Port of Seattle
Port of Seattle operates primarily in the Government Administration industry.
Number of Employees at Port of Seattle
Port of Seattle employs approximately 2,020 people worldwide.
Subsidiaries Owned by Port of Seattle
Port of Seattle presently has no subsidiaries across any sectors.
Port of Seattle’s LinkedIn Followers
Port of Seattle’s official LinkedIn profile has approximately 42,807 followers.
NAICS Classification of Port of Seattle
Port of Seattle is classified under the NAICS code 92, which corresponds to Public Administration.
Port of Seattle’s Presence on Crunchbase
No, Port of Seattle does not have a profile on Crunchbase.
Port of Seattle’s Presence on LinkedIn
Yes, Port of Seattle maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/port-of-seattle.
Cybersecurity Incidents Involving Port of Seattle
As of December 03, 2025, Rankiteo reports that Port of Seattle has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Port of Seattle has an estimated 11,265 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Port of Seattle ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Ransomware.
How does Port of Seattle detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with crucial systems were isolated, and enhanced monitoring with measures have been taken to enhance security and operations, and containment measures with heightened security measures, and remediation measures with free credit monitoring services..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on Port of Seattle
Description: The Port of Seattle, operator of the Seattle-Tacoma International Airport, was targeted by a ransomware attack orchestrated by the Rhysida group in August 2024. The attack resulted in significant disruptions to internet, website, email, phone services, and key operational systems like baggage handling, check-in kiosks, and ticketing. Over 7,000 passengers' bags were affected, causing substantial inconvenience and travel delays. The Port refused to pay the ransom, leading to potential risks of leaked data. In response, crucial systems were isolated, and measures have been taken to enhance security and operations while investigations continue.
Date Detected: August 2024
Type: Ransomware Attack
Threat Actor: Rhysida group
Title: Rhysida Ransomware Attack on Port of Seattle
Description: In August 2024, the Port of Seattle was targeted by Rhysida ransomware group, resulting in a data breach that affected 90,000 individuals. The breach led to the unauthorized access and encryption of the port's computer systems, disrupting crucial services including baggage handling, check-ins, Wi-Fi, and parking. Personal information, including names, dates of birth, Social Security numbers, identification card numbers, and some medical information was compromised. The port's response included refusing to pay the ransom and implementing heightened security measures. Impacted individuals were offered free credit monitoring services as part of the remediation process.
Date Detected: August 2024
Type: Ransomware
Threat Actor: Rhysida ransomware group
Motivation: Financial Gain
Title: Cyberattack on the Port of Seattle
Description: On August 24, 2024, the Port of Seattle experienced a cyberattack that targeted its operational systems, potentially disrupting cargo handling, scheduling, and port logistics. The attack aimed at critical infrastructure in one of the largest ports in the United States, creating ripple effects throughout national and international trade. Operational delays, financial losses, and the compromise of sensitive information were among the impacts, further highlighting the vulnerabilities of port authorities and maritime trade to cybercrime.
Date Detected: 2024-08-24
Type: Cyberattack
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware Attack POR000091624
Systems Affected: internetwebsiteemailphone servicesbaggage handlingcheck-in kiosksticketing
Operational Impact: Significant disruptions to key operational systems
Incident : Ransomware POR000040625
Data Compromised: Personal information, Names, Dates of birth, Social security numbers, Identification card numbers, Medical information
Systems Affected: Baggage handlingCheck-insWi-FiParking
Operational Impact: Disruption of crucial services
Incident : Cyberattack POR438092125
Systems Affected: operational systemscargo handlingschedulingport logistics
Downtime: True
Operational Impact: delays in cargo handlingdisruptions in schedulinglogistics interruptions
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Names, Dates Of Birth, Social Security Numbers, Identification Card Numbers, Medical Information, , Sensitive Information and .
Which entities were affected by each incident ?
Incident : Ransomware Attack POR000091624
Entity Name: Port of Seattle
Entity Type: Government Agency
Industry: Transportation
Location: Seattle, Washington
Customers Affected: Over 7,000 passengers' bags were affected
Incident : Ransomware POR000040625
Entity Name: Port of Seattle
Entity Type: Organization
Industry: Transportation
Location: Seattle
Customers Affected: 90,000 individuals
Incident : Cyberattack POR438092125
Entity Name: Port of Seattle
Entity Type: Port Authority
Industry: Maritime/Logistics
Location: Seattle, Washington, USA
Size: Large (one of the largest ports in the U.S.)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware Attack POR000091624
Containment Measures: Crucial systems were isolated
Enhanced Monitoring: Measures have been taken to enhance security and operations
Incident : Ransomware POR000040625
Containment Measures: Heightened security measures
Remediation Measures: Free credit monitoring services
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware POR000040625
Type of Data Compromised: Personal information, Names, Dates of birth, Social security numbers, Identification card numbers, Medical information
Number of Records Exposed: 90,000
Sensitivity of Data: High
Data Encryption: Yes
Personally Identifiable Information: Yes
Incident : Cyberattack POR438092125
Type of Data Compromised: Sensitive information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Free credit monitoring services.
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by crucial systems were isolated and heightened security measures.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware Attack POR000091624
Ransom Paid: The Port refused to pay the ransom
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware Attack POR000091624
Investigation Status: Investigations continue
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Cyberattack POR438092125
High Value Targets: Operational Systems, Cargo Handling, Scheduling, Port Logistics,
Data Sold on Dark Web: Operational Systems, Cargo Handling, Scheduling, Port Logistics,
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Measures have been taken to enhance security and operations.
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Rhysida group and Rhysida ransomware group.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on August 2024.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal information, Names, Dates of birth, Social Security numbers, Identification card numbers, Medical information, and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was internetwebsiteemailphone servicesbaggage handlingcheck-in kiosksticketing and Baggage handlingCheck-insWi-FiParking and operational systemscargo handlingschedulingport logistics.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Crucial systems were isolated and Heightened security measures.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, Dates of birth, Identification card numbers, Names, Medical information and Personal information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 90.0K.
Ransomware Information
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigations continue.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=port-of-seattle' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
