Halliburton, one of the world’s largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week.
“On August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems,” the oil services giant said in a filing with the U.S. Securities and Exchange Commission (SEC).
“When the Company learned of the issue, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity.”
The company added that the incident (first reported by Reuters on Wednesday based on information provided by anonymous sources) prompted it to shut down some systems to contain the breach.
Halliburton also reported the breach to relevant law enforcement agencies, and its IT experts are now working on restoring affected devices and assessing the attack’s impact.
“The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of materiality,” Halliburton said.
“The Company is communicating with its customers and other stakeholders. The Company is following its process-based safety standards for ongoing operations under the Halliburton Management System, and is working to identify any effects of the incident.”
Nature of the attack yet to be revealed
The oil services provider has yet to reveal the nature of the attack, with a Department of Energy spokesperson confirming on Thursday that “the exact nature of the incident is unknown at this time.”
Founded in 1919, Halliburton employs over 40,000 people and provides oil technologies, products, and services to energy companies worldwide. In July, Halliburton reported revenues of $5.8 billion and an operating margin of 18% for the second quarter of 2024.
A Halliburton spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
In 2021, the DarkSide ransomware gang hit the systems of Colonial Pipeline, the largest fuel pipeline in the United States, which supplies roughly half of all the fuel on the U.S. East Coast, forcing it also to take some systems offline to contain the attack and temporarily halt all pipeline operations.
The DarkSide ransomware gang abruptly shut down after increased attention from law enforcement, the U.S. government, and the media, but not before Colonial Pipeline paid $4.4 million in cryptocurrency for a decryptor, most later recovered by the FBI.