Hackers reportedly demand $50m from Saudi Aramco over data leak

·2-min read
A worker rides a bicycle by oil tanks at an oil processing facility of Saudi Aramco.
A worker rides a bicycle by oil tanks at an oil processing facility of Saudi Aramco.

The world's most valuable oil producer Saudi Aramco has confirmed to the BBC that company data has leaked from one of its contractors.

The files are now reportedly being used in an attempt to extort $50m (£36.5m) from the company.

The global oil and gas industry has long been criticised for failing to invest in cyber security.

In May, the Colonial Pipeline in the US was hit by a ransomware cyber-attack.

In an emailed statement, Aramco told the BBC that it "recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors."

The Saudi Arabian energy giant did not say which contractor was affected nor whether the contractor had been hacked or if the files were leaked in some other way.

"We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture," the firm said.

According to the Associated Press (AP), one terabyte, or 1,000 gigabytes, of Aramco's data was being held by extortionists, citing a page on the darknet - a part of the internet within an encrypted network which is accessible only through specialised anonymity-providing tools.

The AP report said the page offered to delete the data in exchange for $50m in cryptocurrency, although it is unclear who is behind the ransom plot.

Aramco did not immediately respond to a BBC request for clarification over the AP report that the company was the target of a $50m extortion attempt.

The oil and gas industry, which includes companies that own wells, pipelines and refineries, has failed to invest in cyber-security over the years, according to experts.

This is not the first time Aramco has been the target of a data-related attack. In 2012, the company's computer network was hit by the so-called Shamoon virus.

A cyber-attack this year on the Colonial Pipeline in the US further highlighted the vulnerabilities of the energy industry's computer systems.

You may also be interested in:

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting