fb-pixel Skip to main content

Steamship Authority reservation systems back online following ransomware attack

Reservations for the Steamship Authority ferry can once again be made on its website, with dates available through Oct. 18.
Reservations for the Steamship Authority ferry can once again be made on its website, with dates available through Oct. 18.Maddie Meyer/Getty

Passengers can once again make online reservations for the Steamship Authority after a ransomware attack disrupted the ferry service’s website this month, the authority said in a statement Saturday.

The attack affected the ferry service’s online reservation and payment systems throughout the past week. Passengers were unable to book travel online or by phone and were asked to use cash during transactions at authority terminals.

A Steamship Authority spokesman denied to comment Saturday on the cause of the attack or what measures have been taken to resolve it.

Reservations can now be made on steamshipauthority.com, over the phone at 508-477-8600, or in person at a Steamship Authority terminal, the statement said.


Passengers can book trips through Oct. 18., with fall reservations becoming available on June 28.

All restrictions on when reservations can be made have been lifted. The authority said reservations made before the June 2 attack do not have to be rebooked.

The authority’s reservation office has extended its hours to 7 a.m. to 6 p.m. this weekend to “better assist customers,” the statement said, and reservation confirmation e-mails “may be intermittent.”

Wait-list requests for travel do not have to be resent, according to the statement. The authority said it is processing all wait-list requests made for July 1 and after, and will soon process requests for dates before July 1.

Passengers can also now use credit cards at the authority’s terminals and parking lots.

“Thank you to our customers for their patience as we have worked to restore access to our reservations systems, and a special thank you to our employees for all of their hard work,” the authority said in the statement.

The incident follows several major cyberattacks on companies operating in the United States.

A May 30 ransomware attack against JBS, the world’s largest meat processor, disrupted the company’s servers and temporarily halted production at some plants. Earlier that month, a similar attack stoked fears of a gas shortage when it shut down large parts of the Colonial Pipeline, which transports nearly half of the East Coast’s gas supply.


The White House said the attacks likely come from cybercriminals in Russia.

Hackers in both of those attacks called for the affected companies to pay them in cryptocurrency.

JBS announced in a statement Wednesday that it had paid hackers $11 million to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”

The Wall Street Journal reported the transaction was made in Bitcoin, alarming some lawmakers in Washington over potential issues cryptocurrencies could pose for national security.

Caroline Enos can be reached at caroline.enos@globe.com. Follow her on Twitter @CarolineEnos.