Svitzer becomes one of the first companies to disclose a breach under Australia’s NDB scheme.

A data breach affecting the Australian division of Danish marine services company, Svitzer, has resulted in the personal information of around 500 employees being compromised.

According to reports, a hack against the Maersk subsidiary started in May last year and continued for 11 months, during which time around 50,000 company emails may have been accessed by an unauthorized third party.

Copenhagen-based Svitzer operates a fleet of 430 tugboat and towage vessels, which are used to provide assistance to marine fossil fuel extraction operations, such as oil rigs and liquid natural gas terminals.

The breach is among the first incidents to be disclosed under Australia’s Notifiable Data Breaches scheme, which came into effect on February 22.

“The data theft incident… is limited to our Australia operation only,” Michala Paulli, global head of communications for Svitzer, told The Daily Swig.

“All relevant stakeholders including our Australian customers have been informed directly.”

The breach follows last year’s announcement that Svitzer’s parent company, AP Moller-Maersk, fell victim to the NotPetya ransomware attack.

The incident caused delays and disruptions to Maersk terminals in four countries, with the shipping giant saying the total cost for dealing with the cyber-attack could amount to $300 million.