Halliburton has confirmed in a recent filing with the Securities and Exchange Commission (SEC) that data was stolen in a recent cyberattack attributed to the RansomHub ransomware gang.
According to the 8-K form filed today, Halliburton reported that an unauthorized third party accessed and exfiltrated sensitive information from the company’s systems. The company is currently assessing the extent of the breach and determining the necessary notifications.
“The Company believes the unauthorized third party accessed and exfiltrated information from the Company’s systems,” the filing states. “The Company is evaluating the nature and scope of the information, and what notifications are required.”
Halliburton initially disclosed the breach on August 22 through an 8-K form but did not provide detailed information about the attack. It was later reported by BleepingComputer that the RansomHub ransomware group was responsible and that Halliburton faced significant IT system and business disruptions.
An email sent by Halliburton to suppliers revealed that the company had to take certain systems offline to contain the breach and had enlisted Mandiant for investigation and remediation support.
The recent 8-K form confirms earlier reports of operational disruptions, including limited access to some business applications that support various company operations and functions.
Halliburton has not yet disclosed detailed information to the media or its customers, causing concern among firms connected to its platform. The company is working on communicating with customers and stakeholders about the incident and evaluating the need for further notifications.
While Halliburton has indicated that the financial impact of the breach may not be substantial, it acknowledges potential risks from legal actions and reputational damage. The company continues to assess the full implications of the attack.
