Saudi Arabia’s state oil company acknowledged that some of its data is being held for ransom online.
Aramco said it likely came from a third-party contractor; denying there’s been any breach of its computer systems.
The company confirmed to AP on Wednesday it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.” The contractor was not identified, and it was unclear whether the data was obtained through hacking or leaking or some other way.
A website on the dark web claims to sell data from Saudi AramcoProof includes 34 mid-res images.Screenshots with PII are redacted; making verification impossible. pic.twitter.com/BP8C2GeOQk
— Catalin Cimpanu (@campuscodi) July 19, 2021
“We confirm that the release of data was not due to a breach of our systems; has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” Aramco said in a statement.
Files purported to belong to the company began appearing on ‘dark web’ sites on Tuesday; along with a demand for $50 million worth of cryptocurrency to have the data deleted.
It was unclear who was demanding the ransom.
Aramco is valued at around $1.8 trillion.
The company has been targeted by cyber attacks in the past, for which the US and Saudi Arabia blamed Iran.
In 2017, a virus disrupted computers at Sadara, a joint venture between Aramco and the US-based Dow Chemical Co.
Officials claimed it might have been another version of Shamoon; the virus that in 2012 forced the Saudi oil giant to shut down its network and destroy some 30,000 computers.