Halliburton Confirms Data Stolen in Cyberattack

US oil service giant Halliburton on Tuesday confirmed corporate data was stolen from its computer systems during an August ransomware cyberattack.

In an updated SEC filing, Halliburton stopped short of confirming a ransomware extortion scheme but said the cyberattack caused significant disruptions and limitation of access to portions of its IT systems.

In addition, the Houston, TX company said the hackers “accessed and exfiltrated information” from its corporate systems. “[We are] evaluating the nature and scope of the information, and what notifications are required,” Halliburton said.

The company’s acknowledgement of data loss comes just days after the experts pinned the blame for the cyberattack on a known ransomware gang called RansomHub. The cybersecurity agency CISA, the FBI, the HHS and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Thursday published a joint advisory detailing RansomHub attacks.

Halliburton said it activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the breach. The company said response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement.

Halliburton employs about 55,000 though hundreds of subsidiaries, affiliates and brands in more than 70 countries.

The oil and gas industry has been a lucrative target for ransomware actors that use leak sites to shame victim organizations into paying ransom demands. Back in 2021, Colonial Pipeline confirmed it shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the United States.

Related: US Gov Issues Warning About Halliburton Ransomware Attack

Related: Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

Related: Colonial Pipeline Says Personal Information Impacted in Cyberattack

Related: US Recovers Most of Ransom Paid in Colonial Pipeline Hack

Related: Colonial Pipeline CEO Explains $4.4M Ransomware Payment