US oilfield services giant Halliburton confirmed that a cyberattack in August led to data being accessed and exfiltrated by an unauthorized third party. The company discovered the breach on Aug. 21, which resulted in disruptions and restricted access to parts of its business applications and “corporate systems”.
While Halliburton is still assessing the breach’s scope, it does not expect a significant impact on its financial condition. However, the company is facing ongoing costs related to the incident as it investigates and remediates the damage.
In its SEC filing on the matter, Halliburton stated, “When it learned of the issue, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity. The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of impacted data.”
The company is working with external advisors and law enforcement to understand the breach’s full extent and determine if additional notifications are required. It is also still providing services and products to its customers during the investigation.
The cyberattack follows a series of similar incidents targeting U.S. energy firms, such as the 2021 Colonial Pipeline ransomware attack that led to a $4.4 million ransom payment. Halliburton’s shares fell nearly 4% following the announcement, marking a new low for the year.
There is speculation that ransomware might have been involved, though Halliburton has not confirmed this. The attack raises concerns about the cybersecurity vulnerabilities within the energy sector, highlighting the ongoing risks these companies face despite their efforts to secure their systems.