Saudi Aramco has confirmed the report that certain company files were leaked after hackers reportedly demanded a $50 million ransom from the world’s most-valuable oil producer.
The Middle Eastern oil major said in an email. “We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture.” As reported by the AP agency, 1 terabyte of Saudi Arabian Oil Co. data had been held by an extortionist, citing a web page it had accessed on the darknet.
The statement came after a hacker claimed on the dark web that they had stolen 1 terabyte of Aramco’s data, according to a post from June 23 seen by the Financial Times. The hacker said it had obtained information on the location of oil refineries, as well as payroll files and confidential client and employee data.
The state-owned driller was offered the chance to have the data deleted for $50 million in cryptocurrency. Saudi Aramco’s facilities have been targeted in the past by both physical and cyber attacks.
The global energy industry has seen a ramp up in cyber attacks with Colonial Pipeline becoming the most visible of late. The oil and gas industry, which includes the companies that own wells, pipelines and refineries, has long been a laggard in security spending, according to consultants.