Cyber Incident Victim: Cosco Shipping

On March 9, 2021, reports emerged alleging that China’s Cosco Shipping had been hacked by a threat actor identified as LORDBR. The incident was initially covered by Splash247.com, though specific details regarding the attack vector, compromised systems, or operational disruptions were not disclosed in the available source material. This report surfaced alongside unrelated cyberattacks targeting a French hospital and Spain’s public employment service (SEPE), creating a broader context of heightened cyber activity during that period. The timing placed the alleged Cosco breach around March 8–9, coinciding with the ransomware incidents in Europe. No explicit confirmation or denial from Cosco Shipping was documented at the time of the initial reporting, and the original Splash247.com article was later removed without explanation, casting uncertainty on the claims.

Following the removal of the source article, DataBreaches.net updated its coverage on March 9 to classify the Cosco incident as unconfirmed and under investigation. The outlet formally reached out to Cosco Shipping for clarification but had not received a response by the publication deadline. No further corroborating evidence—such as ransom demands, data leaks, or technical indicators of compromise—was publicly verified. The absence of attributable impacts, such as fleet operations disruptions or data exfiltration, left the scope and severity of the alleged breach undetermined. The incident remained unresolved in public reporting, with no subsequent updates from Cosco or independent verification from cybersecurity authorities cited in the available sources.