Saudi Aramco Confirms Data Breach After $50m Ransom Demand

Saudi Aramco has confirmed this week that some of its data has been compromised, after company data was leaked via a contractor.

According to the Financial Times, last month a cyber extortionist had claimed to have obtained a tranche of company data, and demanded a $50 million ransom from Saudi Aramco.

Now in a statement to the FT, the world’s largest oil producer confirmed the data leak, but insisted that its own systems had not been breached, and pointed to third-party contractors as being the source of the compromise.

Data compromise

Aramco said in a statement to the FT that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors”.

The oil company did not name the supplier or explain how the data were compromised.

“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber security posture,” Aramco added.

The statement came after a hacker claimed on the dark web that they had stolen 1 terabyte of Aramco’s data, according to a post from June 23 seen by the Financial Times.

The hacker said it had obtained information on the location of oil refineries, as well as payroll files and confidential client and employee data.

In another post, the perpetrator offered to delete the data if Aramco paid up $50m in a niche cryptocurrency Monero, which is particularly difficult for authorities to trace. The post also offered prospective buyers the chance to purchase the data for about $5m.

The Aramco breach on the surface does not seem to be a ransomware issue, but rather an old fashioned data breach that has seen company data been stolen.

The security vulnerabilities of critical industries such as oil producers, energy providers and others became a political issue at the highest level, following the ransomware compromise of Colonial Pipeline in the US earlier this year, which resulted in widespread fuel shortages across the east coast of America.

Previous attacks

Saudi Aramco’s facilities have been targeted previously by both physical and cyber attacks.

In 2019 its Abqaiq facility was hit by a series of missile and drone strikes that was claimed by Iran-backed Houthi rebels in Yemen. The US blamed Iran for the attack.

And in August 2012, Saudi Aramco struggled to recover its systems following a cyber attack, that forced it isolated all its electronic systems from outside access for a period of time.

The firm said that a virus had infected personal workstations without affecting the primary components of the network.

However it was later reported that the 2012 attack erased data on about three-quarters of Aramco’s computers.

The 2012 Saudi Aramco cyberattack was attributed to Iran – probably as a retaliation for the Stuxnet attack on Iran’s nuclear programme.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

11 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

12 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

13 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

15 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

17 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

18 hours ago