News / Cyber-attack has left employees vulnerable, admits DP World Australia

@Issaro Prakalung

28/11/2023

DP World Australia confirmed this morning that personal employee data was compromised during a recent cyber-attack, which could leave staff vulnerable to fraud.

On 10 November, DP World Australia was the victim of a cyber-attack at its operations in Melbourne, Sydney, Brisbane and Fremantle ports, which led to a large backlog of container delays.

The port received no ransom demand and claimed no customer data was breached and the delays had now cleared. However, it has since been revealed that employees’ personal data had been stolen.

EVP of DP World Australia Nicolaj Noes told ABC’s The Business: “For some of our colleagues, it was their telephone numbers; for some, it was their address; and then for a very few people, there was a little bit more, a copy of a driver’s licence, etc.”

Andrew Martin, CEO of cyber risk management company Dynarisk, told The Loadstar: “Hackers can use ID verification documents to open bank accounts, take out loans, get a credit card in your name, and so on.

“Losses can range from, say, fraudulent food delivery orders to entire pension savings being transferred to hackers.

“They can, for example, attempt to contact your mobile phone provider and carry out a sim swap to get access to two-step verification tokens sent to your phone. If they can intercept verification SMS messages, then the next step would be to break into a bank account, email, cloud storage services, etc,” he warned.

This has raised questions as to whether employees affected by the cyber-attacks have grounds for legal action.

UK law firm Leigh Day represents an ongoing claim for BBC employees who had data stolen after a cyber-attack on payroll support service Zellis in June. It said: “For hackers to be able to access personal data, something has clearly gone very badly wrong. It will be important to review the adequacy of the security measures in place and identify who bears responsibility for any shortcomings identified.

“If these security measures were not adequate, those affected are likely to be entitled to compensation for the distress caused by the breach, as well as any financial losses that they may have suffered.”

Cybersecurity analysts have said that DP World Australia’s failure to fix a critical IT vulnerability, known as CitrixBleed, was the most likely route into the company’s systems – despite an update said to be available for more than a month.

Mr Noes admitted he would have “done some things differently”, in hindsight, and DP World said it was providing resources through external providers to support affected employees.

“It’s a very small part of our community that has been impacted, and we’re working with those affected now on an individual basis,” added Mr Noes.

This news comes a week before more industrial action, unrelated to the cyber-attack, in the form of a 48-hour work stoppage at DP World Australia port terminals. Mr Noes warned that long delays were likely and it would “shock the national supply chain”.