US government, energy sector contractor hit by ransomware
ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers.
“On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files,” the company shared in an 8-K filed on Monday with the US Securities and Exchange Commission.
The company reacted to the finding by taking steps to contain, assess and remediate the incident: it started an internal investigation, called in external cybersecurity specialists to help, and restricted access to its IT system.
“As a result of these and other measures, and while the investigation and remediation efforts remain ongoing, access to the Company’s IT system is limited to essential business operations,” ENGlobal said, and refrained from providing a date for the restoration of full access to the Company’s IT system.
Founded in 1985, ENGlobal provides project management, engineering, procurement, fabrication, integration, automation, and field services to:
- Companies and organizations working on oil, gas and petrochemical extraction, treatment, transportation, storage and distribution
- Companies involved in producing sustainable energy
- US State and Local government and education agencies, as well as US Federal agencies like the US Department of Defense and Department of Energy
No ransomware outfit has yet claimed the attack.