Cyber Incident Victim: Port of Seattle

On August 24, 2024, the Port of Seattle—operator of Seattle-Tacoma International Airport (Sea-Tac)—reported via social media that it was experiencing system outages indicative of a "possible cyberattack." Initial disruptions emerged on Saturday morning, affecting public-facing digital infrastructure including the Port’s websites and phone systems. Sea-Tac Airport corroborated these technical issues, advising travelers that operational teams were investigating the incident while working to restore services. By late Saturday evening, full functionality had not been recovered, with no estimated restoration timeline provided. The airport directed passengers to utilize airline-specific mobile applications for boarding passes and baggage tagging to circumvent affected systems, while also recommending additional time for check-in and security processes due to ongoing technical limitations.

As of Sunday morning Pacific Time, the Port of Seattle’s web infrastructure remained partially or fully offline, based on external DNS record analysis. The Transportation Security Administration confirmed that security screening operations at Sea-Tac continued without disruption despite the cyber incident. The Port maintained active engagement through social channels to communicate service limitations, though restoration efforts persisted without resolution at the time of reporting. This event occurred within weeks of a separate global IT outage caused by a CrowdStrike software update in late July 2024, though no connection between the two incidents was indicated. The Biden administration’s February 2024 executive order targeting port cybersecurity infrastructure modernization provided contextual background but no direct linkage to this specific incident response.