Some services at Petro-Canada gas stations have been disrupted following a cyberattack on parent company Suncor, one of the largest energy companies in North America.
Suncor is a Canada-based company that produces oil and runs several refineries in North America. The organization owns a network of more than 1,800 Petro-Canada retail and wholesale locations.
In a brief statement issued on June 25, Suncor said it had experienced a cybersecurity incident that may impact some transactions with suppliers and customers. The company said it brought in third-party experts to aid investigation and response efforts, and noted that authorities have been notified.
“At this time, we are not aware of any evidence that customer, supplier or employee data has been compromised or misused as a result of this situation,” the company said.
On June 26, Petro-Canada said on Twitter that it’s working with Suncor to respond to the cybersecurity incident, informing customers that some services may be unavailable, including credit card payments and car washes.
Petro-Canada also informed customers that they will not be able to log into their loyalty program account from the app or website.
It’s unclear if the disruptions have been caused by a ransomware attack. In these types of attacks, cybercriminals can encrypt files and steal data from the victim’s systems — they can conduct only one or both types of activities.
In 2021, American oil pipeline system Colonial Pipeline was targeted in a ransomware attack that resulted both in significant disruption and the theft of information, with the company paying millions of dollars to the attackers.
SecurityWeek has sent an email to Suncor asking if the incident involved ransomware and whether the company received a ransom demand from the attackers. This article will be updated if the energy giant responds.
Threat actors have been observed selling access to energy organizations, including oil and gas firms, on cybercrime forums.
Related: US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks
Related: ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers
Related: European Oil Port Terminals Hit by Cyberattack
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- Cisco to Acquire Splunk for $28 Billion
- Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
- Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis
- Intel Launches New Attestation Service as Part of Trust Authority Portfolio
- Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems
Latest News
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
