Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Oil Giant Halliburton Confirms Cyber Incident, Details Scarce

US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.

Halliburton ransomware

US oil giant Halliburton on Thursday confirmed its computer systems were hit by a cyberattack that continues to affect operations at its Houston, Texas offices.

Halliburton, considered the world’s second largest oil service company, has engaged with external experts to investigate and mitigate the threat, according to a Reuters news report.

Technical details on the breach remain scarce but the compromise has all the hallmarks of a typical ransomware attack where sensitive data is encrypted and used in multi million-dollar extortion demands.

Reuters said the Halliburton cyberattack impacted the company’s north Houston campus, as well as some global connectivity networks.

In a statement sent to SecurityWeek, a Halliburton spokesperson said: “We are aware of an issue affecting certain company systems and are working diligently to assess the cause and potential impact. We have activated our preplanned response plan and are working internally, and with leading external experts, to remediate the issue.”

In a filing with the SEC on Friday, Halliburton said that on August 21, 2024, the company became aware that an unauthorized third party gained access to certain of its systems.

“When the Company learned of the issue, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity,” the filing reads. “The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of materiality.”

Halliburton employs about 55,000 though hundreds of subsidiaries, affiliates and brands in more than 70 countries.

Advertisement. Scroll to continue reading.

The oil and gas industry has been a lucrative target for ransomware actors that use leak sites to shame victim organizations into paying ransom demands. Back in 2021, Colonial Pipeline confirmed it shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the United States.

*Updated August 23, 2024 with details from SEC filing

Related: Colonial Pipeline Confirms Personal Information Impacted in Cyberattack

Related: US Recovers Most of Ransom Paid in Colonial Pipeline Hack

Related: Colonial Pipeline CEO Explains $4.4M Ransomware Payment

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Jill Popelka has been appointed CEO at Darktrace, after serving as COO for three months.

GitHub has appointed Alexis Wales as its new Chief Information Security Officer.

Cybersecurity and intelligence solutions provider Nightwing has appointed Christopher Jones as CTO and CDO.

More People On The Move

Expert Insights