A cyber attack hit Petróleos de Venezuela (PDVSA), disrupting export operations

A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. The company says the incident only affected some administrative systems and did not impact operations.
“Thanks to the expertise of Pdvsa’s human talent, operational areas were not affected in any way; the attack was limited to its administrative system,” reads a statement published by the company on Telegram.
PDVSA said security protocols prevented supply or export disruptions, framing the cyber incident as an attempted aggression linked to alleged U.S. efforts to seize Venezuelan oil.
“We categorically reject this despicable action orchestrated by foreign interests,” continues the statement. The Venezuelan government labeled the security incident as an attempt to attack “the right to sovereign energy development.” “It must be remembered,” it concludes, “that this is not the first time that the United States government, allied with extremist sectors, has sought to undermine national stability and steal Christmas from the Venezuelan people.”

PDVSA instructed employees to shut down computers, disconnect external devices, and disable WiFi and Starlink, while reinforcing security at its facilities.
“PDVSA told staff to shut down computers, disconnect external hardware and cut off WiFi and Starlink connections, the people said, citing an internal memo seen by Bloomberg. Security at company facilities has also been reinforced since Sunday,” reported Bloomberg. “In a statement Monday, the company said it had neutralized a ‘sabotage attempt’ aimed at disrupting its operations. It added that oil output wasn’t affected.”
This response is usually associated with an ongoing ransomware attack. A PDVSA source told Reuters that the company detected a ransomware attack days earlier, and antivirus remediation efforts ended up disrupting the entire administrative system.
“There’s no delivery (of cargoes), all systems are down,” one company source told Reuters.
The cyberattack occurred amid rising tensions between Venezuela and the United States, following the recent U.S. seizure of a sanctioned oil tanker carrying Venezuelan crude, the first since OFAC sanctioned PDVSA in 2019. The company accused the U.S. and domestic collaborators of orchestrating the attack to destabilize the country, claiming it was part of a strategy to seize Venezuelan oil. The state oil company strongly rejected the alleged aggression, framing it as an attack on Venezuela’s sovereign energy development.
Pierluigi Paganini
(SecurityAffairs – hacking, Venezuela)
