Maersk Line reported that its operations and communications were significantly affected by the attack, but "no data breach or data loss to third-parties is known to have occurred as of this date." Customer systems connected to Maersk's IT were not affected and were not at risk, as confirmed by Maersk's internal staff and by external cyber experts, who report that Petya is not able to spread between networks.
In the wake of the attack, many external observers wondered whether Maersk Line's servers were properly patched and updated. Petya used an exploit similar to the "WannaCry" malware to move between computers running older, unpatched versions of Windows. Maersk Line said that patches and antivirus software were not an effective form of protection against Petya, and that it has added new defenses.
The carrier said that intends to conduct an internal review after its systems are back up to normal, and will share lessons from the attack with its customers and partners.
Timely, incisive articles delivered directly to your inbox.