The victim, a global entity employing around 4,000 individuals, operates within the maritime industry and is associated with a major international shipping conglomerate. It is known for providing marine solutions and has a significant presence in Australia, where the incident occurred.
According to sources, the victim experienced a cybersecurity breach between May 27, 2017, and March 1, 2018. It was only upon discovery that the victim acted swiftly to mitigate the theft within a span of five hours.
Unauthorized entities managed to auto-forward over 50,000 emails from the finance, payroll and operations departments to external accounts.