View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. News
September 21, 2021updated 10 Nov 2021 4:30am

CMA CGM reports another cyberattack targeting customer data

The company has recommended that its clients not share their account passwords or any other personal information.

French container shipping company CMA CGM has been subject to another cyberattack, which is said to have compromised limited customer data.

The firm said that the breach did not impact its operations.

In a notice, CMA CGM said: “A leak of data on limited customer information (first and last names, employer, position, email address and phone number) has been detected during our surveillance operations on the group’s APIs.

“Our IT teams have immediately developed and installed security patches.”

CMA CGM recommended that its customers not share their account passwords or any other personal information.

Clients were also advised to check the authenticity of any email asking them to log in to the company’s platforms, especially in the case of a request to reset their password.

CMA CGM has not revealed any other details related to the cyberattack.

This data security breach comes almost one year after CMA CGM was hit by a ransomware attack.

The previous cyberattack affected the company’s peripheral servers.

The company blocked external access to applications to prevent the spread of the malware as soon as the breach was identified.

During that time, many websites of the French liner, including CMA CGM, APL, ANL and CNC, were down due to IT-related issues.

After several days, CMA CGM was able to completely restore access to all its information systems, including the group’s e-commerce sites.

Last year, Mediterranean Shipping Company (MSC), Hurtigruten, and the International Maritime Organization (IMO) also witnessed maritime-related cyberattacks.

In June, the national flagship carrier of South Korea, HMM, reported a cyberattack that affected its email server.

The unidentified security breach was spotted in the early hours of 12 June and resulted in limited access to certain areas of the company’s email outlook system.

In January, the IMO issued the requirement for shipowners and operators to incorporate the management of cyber risks into their security practices at the upcoming annual validation of their IMO certification.

This is the first-ever regulatory agenda related to cyber security in the maritime sector.

Related Companies

NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. The top stories of the day delivered to you every weekday. A weekly roundup of the latest news and analysis, sent every Friday. The industry's most comprehensive news and information delivered every month.
I consent to GlobalData UK Limited collecting my details provided via this form in accordance with the Privacy Policy


Thank you for subscribing to Ship Technology