When you buy through affiliate links in our content, we may earn a commission at no extra cost to you. Learn 
Halliburton, one of the world’s largest oil and energy corporations engaged in fracking, has confirmed it recently suffered a cyberattack.
In its latest filing with the Securities and Exchange Commission (SEC), the company confirmed that “an unauthorized third party gained access to” and “exfiltrated information from” its systems.
On August 21, Halliburton first notified the SEC about a potential cyberattack. At the time, it took down some of its systems and informed stakeholders about the likely breach, which has now been confirmed.
In the updated Form 8-K filing on August 30, the company said it was “evaluating the nature and scope of the information” before notifying stakeholders which might have been impacted.
Although the oil behemoth has refrained from disclosing the nature of the attack, Bleeping Computer recently identified it as tied to the RansomHub ransomware group. The company kept details to the minimum in its regulatory filing, but an email sent to the customers accessed by Bleeping Computer revealed the list of the indicators of compromise (IOCs) and IP addresses linked to the attack, enabling customers to detect impacted systems at their end.
RansomHub and 200+ Mega Targets
RansomHub is believed to have targeted hundreds of public services, utility providers, and private consulting firms. Its high-profile victims include healthcare provider Change Healthcare, non-profit credit union Patelco, pharmacy chain Rite Aid, US-based telecom provider Frontier Communications, and Christie’s auction platform.
The #FBI, @CISAgov and other partners have released a joint #CybersecurityAdvisory on Ransomhub, a ransomware-as-a-service (RaaS) variant that has claimed at least 210 victims in multiple critical infrastructure sectors. Click for details and mitigations: https://t.co/vnQ5H0uVo6 pic.twitter.com/2GnEXXIdiz
— FBI (@FBI) August 29, 2024
The Federal Bureau of Investigation (FBI), along with the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS), recently issued a joint advisory to at least 210 potential victims of ransomware in the health, energy, financial, infrastructure, telecom, and manufacturing sectors.
In the filing, Halliburton added that it believes it has not suffered any “material impact” on its finances or operations. This indicates the company may have averted any major data loss in the attack, though we wouldn’t be surprised if this were a stopgap effort to avert bad press and investors’ panic. TechCrunch also claims to have seen the ransom note from RansomHub, but the group’s data leak website has yet to publish any data related to the leak, suggesting negotiations — if any — might still be underway.
Despite claiming minimal damage, the company now assesses potential impact based on the disruption, including “potential litigation, changes in customer behavior, and regulatory scrutiny.”
