Oil field services giant Halliburton confirmed in late August that its operations had fallen victim to a cyber attack.
Details began to emerge when Halliburton filed a notice with the Securities & Exchange Commission (SEC), acknowledging that it had learned of the attack and immediately activated a response plan.
This plan reportedly included taking certain affected systems offline, as well as notifying authorities.
In the weeks following, the Houston-based company confirmed further details – specifically, revealing that an unauthorized third party had “removed data from its systems,” according to Reuters. The report went on to say that Halliburton did not believe the breach of the data would generate “material impact.”
While few details are yet available on the methods utilized, cybersecurity experts warn that the energy sector should remain on high alert for malicious activity.
According to IT security firm Eftsure, this business segment has become increasingly attractive due to its valuable IP and critical infrastructure, adding in a recent blog post that this incident “follows a pattern of attacks on oil and gas companies, including the Colonial Pipeline ransomware attack in 2021, during which the company was forced to pay $4.4m in ransom.”
And despite Halliburton’s suggestion that the breach was immaterial, it did admit that it would likely see financial losses related to the event. According to the SEC filing, Halliburton said certain expenses “could continue to occur” and that the company "remains subject to various risks" because of the hack.