Cyber Incident Victim: Hurtigruten

On December 14, 2020, Norwegian cruise and ferry operator Hurtigruten experienced a cyber attack that disrupted its operations. The company confirmed the incident in a public statement released the same day, noting that multiple critical systems became inoperable as a direct result of the attack. Hurtigruten, which operates coastal ferries along Norway’s coastline and expedition cruises in polar regions under normal circumstances, did not specify the exact nature or technical mechanism of the attack. The disruption affected undisclosed "key systems," though the company withheld details about which specific operational, booking, or administrative functions were impaired. No evidence suggested passenger safety was compromised during the incident. Hurtigruten’s disclosure did not indicate whether customer data or financial information was accessed or exfiltrated during the breach. The attack occurred during a period of reduced operations due to the COVID-19 pandemic, though the company did not elaborate on whether this context influenced the attack’s impact or detection.

Hurtigruten immediately acknowledged the incident through its official communication channels but did not describe any containment or remediation measures taken in response. The company emphasized in its statement that it did not anticipate the cyber attack would result in a "material financial effect" on its operations, though it provided no supporting data or timeframe for this assessment. No threat actor group claimed responsibility for the attack in the immediate aftermath, and Hurtigruten did not attribute the incident to any specific actor or motive. The company’s operations continued in some capacity during the disruption, though the extent of residual functionality remained unspecified. No further updates regarding system restoration, forensic investigations, or regulatory notifications were disclosed in the initial statement or subsequent public reports referenced in the source material.