Clarksons PLC, a 165-year old giant in the shipping world, just announced that a malicious hacker stole sensitive data and is threatening to release the data. Clarksons’ response to the demand is an emphatic ‘no’.

Clarksons Breach Details

The Clarksons press release provided the following details:

  • The unauthorised access was gained via a single and isolated user account.
  • The compromised user account has now been disabled, and Clarksons indicated they’ve put in place additional security measures to help prevent a similar incident.
  • Clarksons said it will not pay any ransom to the hacker, and the hacker may release some of the stolen data.
  • Clarksons is working with the police, and has notified the relevant regulatory bodies.
  • The company is in the process of contacting potentially affected clients and individuals.

No further details were provided on the extent of the data loss or whether personally identifiable information of customers was stolen.

Smart Responses to a Data Breach

Clarksons seems to be getting many things right in their response to the breach, including:

  • Relatively quick notification to public and regulatory agencies. Though the Telegraph stated that Clarksons is understood to have been the subject of the attack earlier this month but waited until now to reveal it, the firm’s response is still much more timely than that of other recent high-profile breaches.
  • Working with police to mitigate damage. Unlike the recent decision by Uber to pay hackers to return data, Clarksons has declined to pay the ransom demand. By not paying, they probably reduce the chances of being seen as an ‘easy target’ of future ransom demands.
  • Delivering an empathetic and helpful response. Clarksons’ release showed an understanding of customers’ and stockholders’ concern – and a desire to share lessons learned to help customers. Andi Case, CEO of Clarksons, stated:

“We hope that, in time, we can share the lessons learned with our clients to help stop them from becoming victims themselves.”

Near-Term and Long-Term Impacts

In the near-term, the announcement had a clear impact: shares in Clarksons fell by more than 3.5% after the breach announcement.

However, there is the possibility that a good response will pay dividends in the long-term. Jeremy Swinfen-Green, Head of Consulting at TEISS, said:

“A well-managed response, backed up by strong planning and a practised multi-functional incident response team (IRT), can reassure consumers affected by the breach. A strong response can even persuade them that the breached organisation will be more secure in the future – quite possibly more secure than competitors.”

Internal Security Industry Spotlight: The Power Sector
Industrial IIoT: The Impact of Industry Connection
Internal Security Industry Spotlight: The Gas & Oil Sector
The Malware Uprise: Why is it a Common Story?

Insider Threat Detection