French container shipping company CMA CGM has been subject to another cyberattack, which is said to have compromised limited customer data.
The firm said that the breach did not impact its operations.
In a notice, CMA CGM said: “A leak of data on limited customer information (first and last names, employer, position, email address and phone number) has been detected during our surveillance operations on the group’s APIs.
“Our IT teams have immediately developed and installed security patches.”
CMA CGM recommended that its customers not share their account passwords or any other personal information.
Clients were also advised to check the authenticity of any email asking them to log in to the company’s platforms, especially in the case of a request to reset their password.
CMA CGM has not revealed any other details related to the cyberattack.
This data security breach comes almost one year after CMA CGM was hit by a ransomware attack.
The previous cyberattack affected the company’s peripheral servers.
The company blocked external access to applications to prevent the spread of the malware as soon as the breach was identified.
During that time, many websites of the French liner, including CMA CGM, APL, ANL and CNC, were down due to IT-related issues.
After several days, CMA CGM was able to completely restore access to all its information systems, including the group’s e-commerce sites.
Last year, Mediterranean Shipping Company (MSC), Hurtigruten, and the International Maritime Organization (IMO) also witnessed maritime-related cyberattacks.
In June, the national flagship carrier of South Korea, HMM, reported a cyberattack that affected its email server.
The unidentified security breach was spotted in the early hours of 12 June and resulted in limited access to certain areas of the company’s email outlook system.
In January, the IMO issued the requirement for shipowners and operators to incorporate the management of cyber risks into their security practices at the upcoming annual validation of their IMO certification.
This is the first-ever regulatory agenda related to cyber security in the maritime sector.