Hackers want Seattle airport operator to pay $6 million in bitcoin

WASHINGTON, D.C.: Hackers are demanding $6 million in bitcoin from the operator of Seattle-Tacoma International Airport after stealing sensitive documents during a cyberattack in August.

The cybercriminals, identified as the Rhysida ransomware gang, posted copies of eight stolen files on the dark web earlier this week.

Lance Lyttle, managing director of aviation for the Port of Seattle, said, "They posted on their dark website a copy of eight files stolen from Port systems and are seeking 100 bitcoin to buy the data."

However, the Port of Seattle, which operates the airport, has decided not to pay the ransom, deeming it an inappropriate use of taxpayer funds.

Speaking before a U.S. Senate committee, Lyttle said the airport managed to halt the cyberattack, but not before some data had been encrypted and stolen. The exact contents of the compromised documents have not been disclosed, but the airport plans to notify any individuals whose personal information may have been exposed.

The attack, which began on August 24, disrupted key airport systems, including ticketing, check-in kiosks, and baggage handling. Some passengers, particularly those flying with smaller airlines, had to take paper boarding passes. Despite these issues, flights continued operating through the busy Labor Day travel period.

The FBI is currently investigating the breach. Rhysida, the ransomware gang responsible, was also linked to a recent data breach in Columbus, Ohio. In that case, city officials downplayed the significance of the stolen data and did not receive a ransom demand.

Seattle airport officials continue to recover from the cyberattack while cooperating with federal authorities.