Energy industry contractor ENGlobal Corporation discloses a ransomware attack
ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC.
A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation.
Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 million year-to-date.
According to the FORM 8-K report filed with the U.S. Securities and Exchange Commission (SEC), the company discovered the attack on November 25. The threat actors had access to the company’s information technology systems and encrypted some of its data files. The investigation into the security breach is still ongoing and the company is remediating the incident with the help of external cybersecurity specialists.
“On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” reads the report filed with SEC. “Upon detecting the unauthorized access, the Company immediately took steps to contain, assess and remediate the cybersecurity incident, including beginning an internal investigation, engaging external cybersecurity specialists, and restricting access to its IT system.”
“As a result of these and other measures, and while the investigation and remediation efforts remain ongoing, access to the Company’s IT system is limited to essential business operations.” ù
At this time, the company is not able to provide the timing of the restoration of full access to its IT systems.
ENGlobal Corporation is assessing whether the cybersecurity incident will significantly affect its financial condition or operations.
No ransomware gang has claimed responsibility for the attack.
At the end of October, another energy industry contractor, Newpark Resources, reported a ransomware attack that disrupted operations and limited access to internal information systems.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
目录
最新
- Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket
- CVE-2024-44243 macOS flaw allows persistent malware installation
- FBI deleted China-linked PlugX malware from over 4,200 US computers
- Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware
- A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls
- Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners
- U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog
- Inexperienced actors developed the FunkSec ransomware using AI tools