Oil and gas giant Halliburton has confirmed that its data was stolen in a cyberattack linked to the RansomHub ransomware group. The company is currently assessing the scope of the leak and the potential impact on its business.
Halliburton is one of the world’s largest oil and gas companies that produces oil and gas and provides services in the energy industry. Cybercriminals often target large companies because such attacks can have significant financial and reputational consequences.
On September 3, 2024, Halliburton confirmed the data breach in a filing with the US Securities and Exchange Commission (SEC). The document reported that an unknown attacker gained unauthorized access to the company’s systems and stole confidential information. After discovering the attack, the company asked Mandiant to investigate and fix the breach.
According to preliminary reports, the cyberattack caused significant disruptions to the company’s IT systems, which was confirmed by discussions on Reddit, where internal Halliburton employees said they were having difficulty accessing business applications. Initially, the company did not provide additional information, but it was revealed that the attack was carried out by the RansomHub group, which uses ransomware to hold stolen data for ransom.
Cybercriminals demanded a ransom to unlock the system, and Halliburton had to temporarily shut down certain systems to prevent further spread of the threat. Despite this, the company said that the incident will not have serious financial consequences, although legal and reputational risks cannot be ruled out.