The LockBit ransomware group has listed Portugal’s Port of Lisbon’s data just days after authorities confirmed the port was targeted in a cyberattack.
Portuguese news outlet Publico reported hackers compromised the network of the Port of Lisbon on Christmas day. Speaking to the publication, the port authorities revealed the incident did not affect the port’s operations, but they added the Port of Lisbon Administration is working with law enforcement agencies to retrieve the exfiltrated data.
In a message posted to its hack and leak site a day after the attack was reported, LockBit claimed it has stolen all data belonging to the Port of Lisbon. These include financial reports, budgets and personal data of customers, as well as mail correspondence of the staff.
The group, which gave the authorities a deadline until Jan.18, demanded a ransom of $1.5 million to download or destroy the data. It further threatened to leak the exfiltrated data if the Port of Lisbon failed to respond within the given deadline.
Port of Lisbon is the third largest port in Portugal, consisting of five cruise ship docks. It is also the most accessed port in Europe because of its strategic location. As of Friday, the port’s website remains down. It did not respond to a request for comments.