Cyber Incident Victim: Corsica Linea
Date:
Jan 2022
Location:
France
Summary
A cyberattack involving a malicious software intrusion attempt disrupted the Corsica Linea ferry company's website, forcing it offline and halting online reservations. The company confirmed no personal data compromise occurred but proactively disconnected servers and implemented corrective security measures. While online bookings were suspended, ticket purchases remained available via phone support and physical agencies, with all scheduled departures operating normally. The incident primarily affected last-minute reservations during a low passenger season, leaving freight operations untouched. The organization collaborated with France's national cybersecurity agency (ANSSI) to investigate the attack, though identifying the intrusion source proved challenging. Customer options were preserved, and modifications to existing bookings were offered without additional fees.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 28, 2022, Corsica Linea experienced a cybersecurity incident involving a malicious software intrusion attempt on its website, disrupting online booking services. The company identified the intrusion as a "tentative d'intrusion d'un logiciel malveillant" and proactively disconnected its servers as a preventive measure to contain the threat. Technical investigations confirmed no compromise of customer personal data, with Corsica Linea emphasizing this point in public communications to reassure users. Immediate corrective actions were implemented to restore optimal security, though the website remained offline for reservations during this period. Customers seeking last-minute bookings were directed to physical agencies in Bastia and Ajaccio or a newly established non-surcharged phone line (04.95.34.55.72) for assistance. The company guaranteed the preservation of existing ticket options, waived modification fees for affected bookings, and confirmed all scheduled departures would operate normally despite the disruption.
The incident primarily impacted passenger reservations, with freight operations remaining unaffected. Corsica Linea's director Pierre-Antoine Villanova noted the timing limited broader consequences, as the off-season period meant fewer passengers and most holiday tickets had already been booked. The company collaborated with France's National Agency for the Security of Information Systems (ANSSI) to analyze the attack, though Villanova acknowledged difficulties in tracing the intrusion's origin. Full website functionality was projected to resume by the afternoon of February 1, 2022. Corsica Linea issued public apologies to customers inconvenienced by the last-minute booking disruptions while maintaining operational continuity for existing reservations and vessel schedules throughout the incident.