Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Halliburton Confirms Data Stolen in Cyberattack

The US oil giant updated an SEC filing to confirm malicious hackers “accessed and exfiltrated information” from its corporate systems.

Halliburton ransomware

US oil service giant Halliburton on Tuesday confirmed corporate data was stolen from its computer systems during an August ransomware cyberattack.

In an updated SEC filing, Halliburton stopped short of confirming a ransomware extortion scheme but said the cyberattack caused significant disruptions and limitation of access to portions of its IT systems.

In addition, the Houston, TX company said the hackers “accessed and exfiltrated information” from its corporate systems. “[We are] evaluating the nature and scope of the information, and what notifications are required,” Halliburton said.

The company’s acknowledgement of data loss comes just days after the US government pinned the blame for the cyberattack on a known ransomware gang called RansomHub. The cybersecurity agency CISA, the FBI, the HHS and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Thursday published a joint advisory detailing RansomHub attacks.

Halliburton said it activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the breach. The company said response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement.

Halliburton employs about 55,000 though hundreds of subsidiaries, affiliates and brands in more than 70 countries.

The oil and gas industry has been a lucrative target for ransomware actors that use leak sites to shame victim organizations into paying ransom demands. Back in 2021, Colonial Pipeline confirmed it shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the United States.

Related: US Gov Issues Warning About Halliburton Ransomware Attack

Advertisement. Scroll to continue reading.

Related: Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

Related: Colonial Pipeline Says Personal Information Impacted in Cyberattack

Related: US Recovers Most of Ransom Paid in Colonial Pipeline Hack

Related: Colonial Pipeline CEO Explains $4.4M Ransomware Payment

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights