Cyber Incident Victim: Mediterranean Shipping Co
Date:
Apr 2020
Location:
Switzerland
Summary
A container shipping company experienced a network outage at its Geneva data center, suspected to stem from malware, which disrupted its website and customer portal, halting self-service booking tools. Alternative platforms remained operational, allowing bookings via third-party services, email, and phone. The firm proactively shut down affected servers for security but maintained global operations without disruption, with local agents supporting customers normally. Significant progress was reported in resolving the issue, with expectations of a prompt resolution.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around April 9, 2020, Mediterranean Shipping Company (MSC) experienced a network outage impacting critical digital services, including its primary website msc.com and the customer-facing myMSC portal. The disruption became publicly evident when MSC announced the issue via its MSC Cargo Twitter account on April 10, attributing it to an incident at one of its data centers. The outage disabled self-service functionalities for managing bookings and cargo shipments through MSC’s platforms, forcing customers to rely on alternative channels such as email, phone, and third-party platforms INTTRA and GT Nexus, which remained operational. Despite the digital service interruptions, MSC emphasized that physical operations—including terminals, depots, and agency networks worldwide—continued without disruption, with local agents providing standard customer support. The company initiated an investigation but indicated uncertainty regarding the root cause, stating it could not entirely rule out malware as a potential factor while avoiding explicit confirmation of a cyberattack.
In response to the incident, MSC proactively shut down servers at its Geneva headquarters as a security precaution, limiting the impact to internal data processes rather than core logistical functions. Regular updates via Twitter communicated progress, with an April 12 post noting "significant progress" toward resolution and expressing confidence in an imminent fix. No data breach or ransomware claims were disclosed, and the company maintained operational continuity for non-digital services throughout the outage. The timeline from initial disruption to partial mitigation spanned at least four days, with public communications focusing on service restoration efforts rather than technical specifics of the investigation. MSC’s contingency measures ensured minimal disruption to customer bookings while internal teams addressed the data center issues, though the exact resolution date and forensic findings were not detailed in available reports.