Clarksons hit by cyber security breach

Clarkson PLC CEO Andi Case: hope our clients understand that we would not be held to ransom by criminals"

NOVEMBER 29, 2017 — The latest high-profile victim of a cyber attack is the world’s largest shipbroker, Clarkson PLC, a major provider of integrated services and investment banking capabilities to the shipping and offshore markets.

In a regulatory filing, the company warns that “today, the person or persons behind the incident may release some data.”

It said that “the data at issue is confidential and lawyers are on standby wherever needed to take all necessary steps to preserve the confidentiality in the information.”

Following is the text of the filing:

Clarkson PLC confirms that it was subject to a cybersecurity incident which involved unauthorized access to the Company’s computer systems. As soon as it was discovered, Clarksons took immediate steps to respond to and manage the incident. Our initial investigations have shown the unauthorized access was gained via a single and isolated user account which has now been disabled. We have also put in place additional security measures to best prevent a similar incident happening in the future. Clarksons would like to reassure clients and shareholders that this incident has not, and does not, affect its ability to do business.

Today, the person or persons behind the incident may release some data. As a responsible global business, Clarksons has been working with the police in relation to this incident. In addition, the data at issue is confidential and lawyers are on standby wherever needed to take all necessary steps to preserve the confidentiality in the information.

Clarksons would like to apologize to shareholders, clients and staff for any concerns this incident may raise. The company is in the process of contacting potentially affected clients and individuals directly.

Since this recent incident, Clarksons has been working with data security specialists to investigate further and has notified the relevant regulatory bodies. Clarksons takes issues of IT security extremely seriously and continues to invest heavily to further enhance the systems and procedures it has in place. As part of this, the company is continuing with a wider review of cyber security that began earlier this year and is, for example, accelerating the roll-out of various additional IT security measures.

Andi Case, CEO of Clarksons, commented: “Issues of cybersecurity are at the forefront of many business agendas in today’s digital and commercial landscape and, despite our extensive efforts we have suffered this criminal attack. As you would rightly expect, we’re working closely with specialist police teams and data security experts to do all we can to best understand the incident and what we can do to protect our clients now and in the future. We hope that, in time, we can share the lessons learned with our clients to help stop them from becoming victims themselves. In the meantime, I hope our clients understand that we would not be held to ransom by criminals, and I would like to sincerely apologize for any concern this incident may have understandably raised.”

Given the ongoing investigations it would be inappropriate for Clarksons to make any additional comments at this time.