Saudi Aramco denies breach after hacker steals files

Saudi Aramco, one of the world’s largest oil companies, has denied that hackers have compromised the system after cybercriminals contacted ZDNet with a pile of files from the company.

A ZeroX attacker told ZDNet on Telegram that he had stolen 1T of “confidential data” from 1993 to 2020. The group said it had hacked Saudi Aramco’s network and stole information about refineries in Yanbu, Jazan, Jeda, Ras Tanura and Riyadh. And Dhahran. Cybercriminals also contacted other media outlets, including Bleeping Computer, which first reported the hack.

This group provided samples of data, including documents covering project specifications, power and power systems, refinery machinery, analytical reports, unit prices, business contracts, network documents, corporate clients, invoices, and more.

The group also said it had stolen information about 14,254 employees, including names, photos, passports, emails, phone numbers, family information and ID numbers. ZeroX shared the data via “Onion Dark Weblink”.

However, in a statement to ZDNet, Saudi Aramco denied they had been hacked.

“Aramco recently noticed an indirect release of a limited amount of corporate data held by third-party contractors,” said a spokesman. “We have confirmed that the disclosure of data is not due to a system breach and does not affect our business, and the company continues to maintain a strong cybersecurity system.”

With over 270 billion barrels of crude oil reserves in Saudi Aramco, it is the second largest in the world and produces more oil daily than any other company in the world.

The company brought $ 204 billion in 2020. Bleeping Computer reported that ZeroX has auctioned the entire data dump for $ 5 million and is offering a 1GB sample for about $ 2,000.

Saudi Aramco responded to a cyberattack that damaged 30,000 workstations in 2012, and oil giants have faced attacks on a daily basis ever since.

Saudi Aramco denies breach after hacker steals files.