hiveleak attacks Direct Ferries

Incident Date:

July 4, 2022

World map



hiveleak attacks Direct Ferries


Direct Ferries




Felixstowe, United Kingdom

Ipswich, United Kingdom

First Reported

July 4, 2022

Direct Ferries Suffers Ransomware Attack by Hiveleak Group

Direct Ferries, a premier ferry booking platform facilitating over 3000 connections across more than 700 ports globally, has fallen victim to a ransomware attack orchestrated by the Hiveleak group. This incident was disclosed on a dark web leak site, impacting the company's operational website,

As a pivotal entity in the transportation industry, Direct Ferries provides an extensive array of ferry routes and destinations. Its significant market presence and widespread popularity render it an attractive target for cybercriminals. The ramifications of such an attack are profound, potentially leading to service disruptions and considerable financial repercussions.

The Hiveleak group, notorious for its ransomware operations, compromises organizational data and encrypts computers, subsequently demanding a ransom for the restoration of access and the non-disclosure of stolen sensitive information. This group has previously executed high-profile cyberattacks, including those against JBS and Colonial Pipeline.

To date, Direct Ferries has not issued an official statement regarding the breach. The details surrounding the ransom payment and the company's recovery efforts remain speculative. This event underscores the persistent risk of ransomware attacks and highlights the critical need for comprehensive cybersecurity defenses.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.