Operations across our Brisbane, Fremantle, Melbourne, and Sydney terminals have now resumed, and our thorough investigation process, conducted in collaboration with relevant authorities, has identified the entry point for the cyber-attack.
Following the investigation, we can confirm that some data has been breached from our Australian corporate network. While no customer data was compromised, unfortunately, some personal employee information has been breached. For more information, please refer to the frequently-asked-questions (FAQs) below:
On Friday 10 November 2023, our technology team detected suspicious network traffic within our corporate network. Our team identified that an unknown third party had gained unauthorised access to our network.
To contain the incident, the technology team disconnected our network from the Internet, resulting in the disconnection of all external communications including those required for land-side port operations.
We commenced an investigation and engaged cybersecurity specialists to assist with incident containment and forensic analysis. We resumed full operations from 9AM AEDT on Monday 13 November 2023.
The investigation has confirmed that an unauthorised third party gained access to some of our systems, including some user accounts. The investigation into the cause of the incident remains ongoing, and it may take some time to finalise.
We have been working with the Australian Signals Directorate/Australian Cyber Security Centre, the National Cyber Security Coordinator, the Minister for Home Affairs and Cyber Security, the Minister for Infrastructure, Transport and Regional Development and the Australian Federal Police.
The National Coordination Mechanism (NCM) was implemented, and we held regular briefing sessions with the NCM participants. We have also provided briefings to the Office of the Australian Information Commissioner.
In addition, we have been updating customers and employees with regular updates.
We are committed to keeping our employees updated as more information comes to hand.
The incident resulted in us disconnecting access to the Internet which resulted in the disconnection of all external communications, including those required for land-side port operations. Full operations across our terminals resumed from 9AM AEDT on Monday 13 November 2023.
The forensic investigation has identified that data was accessed and exfiltrated (removed) from our network. We are currently reviewing the impacted data as a priority, but this is a process that may take some time.
Our cybersecurity advisers have confirmed that the incident has been successfully contained, and there is no further evidence of any malicious activity on our network. Various remediation activities are ongoing as we continue to strengthen our network security and defences.
The investigation into the cyber incident is ongoing. We are working closely with our cybersecurity advisers and reviewing the impacted data as a matter of priority.
Yes, we will provide further updates as they become available. We also encourage you to check back to this site for the latest information. As our data review progresses, we will directly inform individuals if any of their personal information has been impacted.
Should you have any further questions or concerns, please reach out to our Staff Assist email address: staffassist@dpworld.com.au
We are currently reviewing the impacted data to identify any personal information that may have been affected. We will directly inform individuals who may be impacted.
We are currently reviewing the impacted data to identify any personal information (including financial information) that may have been impacted. We will directly inform individuals who may be impacted.
If you suspect or identify unusual activity in your DP World account, please contact the technology team immediately – dpwa_itadmin@dpworld.com.au
If you have concerns that a personal account may be impacted, we recommend changing the password immediately (to a strong, unique password), implementing multi-factor authentication should it be available and following any other recommendations regarding account security that the provider may set out.
We take your privacy and security very seriously and understand that a cyber incident of this nature may cause you concern. This is why we have arranged the free support of IDCARE - Australia and New Zealand’s national identity and cyber support service - to provide you with expert advice on identity protection. To take up the free support, please contact an IDCARE Case Manager on 1800 467 033 and quote reference DPWD23.
As our investigation progresses, we urge you to remain vigilant and we recommend:
- regularly updating your passwords with strong, unique combinations and not re-using passwords;
- remaining alert to potential scams, especially through email, text or phone;
- not responding to, opening or clicking on links in emails/text messages if you are unsure about the sender;
- staying informed about current scams and protection measures by visiting www.scamwatch.gov.au and www.cyber.gov.au; and
- visiting IDCARE’s Learning Centre at www.idcare.org/learning-centre and the OAIC website at www.oaic.gov.au for more resources on protecting your personal information.
Scam communications can come in many forms, including email, SMS/chat message, social media and by phone. We recommend:
- remaining vigilant to calls from unknown numbers, particularly where the caller is attempting to solicit personal information;
- contacting the provider directly if you are you are in doubt about the authenticity of the sender/caller;
- not responding to, opening or clicking on links in emails/text messages if you are unsure about the sender;
- keeping informed of the latest scams by visiting the National Anti-Scam Centre at https://www.scamwatch.gov.au/.
If you receive suspicious communications to your DP World email address, please report these to staffassist@dpworld.com.au