SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Halliburton Confirms Data Stolen in Cyberattack

The US oil giant updated an SEC filing to confirm malicious hackers “accessed and exfiltrated information” from its corporate systems.
Halliburton ransomware

US oil service giant Halliburton on Tuesday confirmed corporate data was stolen from its computer systems during an August ransomware cyberattack.

In an updated SEC filing, Halliburton stopped short of confirming a ransomware extortion scheme but said the cyberattack caused significant disruptions and limitation of access to portions of its IT systems.

In addition, the Houston, TX company said the hackers “accessed and exfiltrated information” from its corporate systems. “[We are] evaluating the nature and scope of the information, and what notifications are required,” Halliburton said.

The company’s acknowledgement of data loss comes just days after the experts pinned the blame for the cyberattack on a known ransomware gang called RansomHub. The cybersecurity agency CISA, the FBI, the HHS and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Thursday published a joint advisory detailing RansomHub attacks.

Halliburton said it activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the breach. The company said response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement.

Halliburton employs about 55,000 though hundreds of subsidiaries, affiliates and brands in more than 70 countries.

The oil and gas industry has been a lucrative target for ransomware actors that use leak sites to shame victim organizations into paying ransom demands. Back in 2021, Colonial Pipeline confirmed it shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the United States.

Related: US Gov Issues Warning About Halliburton Ransomware Attack

Advertisement. Scroll to continue reading.

Related: Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

Related: Colonial Pipeline Says Personal Information Impacted in Cyberattack

Related: US Recovers Most of Ransom Paid in Colonial Pipeline Hack

Related: Colonial Pipeline CEO Explains $4.4M Ransomware Payment

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
March 12, 2025

Join this in-depth briefing on how to protect executives and the enterprises they lead from the growing convergence of digital, narrative, and physical attacks.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Cybersecurity firm Absolute Security announced Harold Rivas as its new CISO.

Simon Forster has been named the new General Manager of DNS security firm Quad9.

Cybersecurity training company Immersive has named Mark Schmitz as its new CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.