Energy big Halliburton has confirmed its methods had been hacked and that intruders “accessed and exfiltrated data” following a cyberattack final week.
In a quick submitting with authorities regulators on Tuesday, Halliburton mentioned it was “evaluating the character and scope of the [stolen] data,” and what knowledge breach notifications it’s required to make.
Halliburton final week mentioned it took a few of its methods offline following the detection of the cyberattack. The firm now says it’s “working to determine results of the incident” on its ongoing oil and fracking operations.
When contacted on Tuesday, Halliburton spokesperson Amina Rivera didn’t remark or say if the corporate is aware of what varieties of knowledge had been stolen. “We aren’t commenting past what was included in our submitting,” mentioned Rivera.
Halliburton says its “ongoing investigation and response” contains the restoration of its methods and the “evaluation of impacted knowledge.” Much of the corporate’s public-facing methods stay offline on the time of writing, TechCrunch has discovered.
The oil and fracking big — one of many world’s largest power firms — has near 48,000 workers in dozens of nations, in accordance with its most up-to-date public filings. Halliburton stays largely synonymous with the explosion and oil spill attributable to the Deepwater Horizon oil rig catastrophe within the Gulf of Mexico in 2010 (pictured). Halliburton subsequently agreed to plead responsible and settle U.S. authorities fees for $1.1 billion.
Halliburton has mentioned little else in regards to the ongoing cyberattack. When requested, Halliburton spokesperson Rivera didn’t dispute the incident was linked to ransomware.
TechCrunch has seen a replica of a ransom notice purportedly associated to the Halliburton incident that claims to have encrypted and stolen the corporate’s information. The notice says a ransomware gang often called RansomHub is taking credit score for the cyberattack.
RansomHub’s darkish net leak web site, which the gang makes use of to publish stolen information to extort its victims into paying a ransom, has not but listed Halliburton as one in all its victims. It’s not unusual for ransomware and extortion gangs to publish the identify of its victims when negotiations fall by.
A consultant for RansomHub, when reached by TechCrunch, didn’t touch upon the Halliburton hack.
According to a current U.S. authorities evaluation of the ransomware gang, RansomHub has claimed over 210 victims since its inception in February 2024. The gang can be linked to the cyberattack at U.S. well being tech big Change Healthcare.
Halliburton mentioned it has and can proceed to incur bills associated to the cyberattack. Halliburton made $23 billion in income throughout 2023, and its chief govt Jeff Miller made $19 million in complete govt compensation through the yr.
Halliburton wouldn’t say who presently oversees cybersecurity on the firm, and wouldn’t make them accessible for an interview.
Do you already know extra in regards to the Halliburton incident? You can contact this reporter on Signal and WhatsApp at +1 646-755-8849, or by electronic mail. You can also contact us through SecureDrop.
