Saudi Aramco — one of the largest oil companies in the world — has denied that their systems were breached by hackers after cybercriminals contacted ZDNet with a trove of files from the company.
A threat actor going by ZeroX told ZDNet on Telegram that it had stolen 1T of “sensitive data” ranging from 1993 to 2020. The group said it hacked Saudi Aramco’s network, stealing information on refineries in Yanbu, Jazan, Jeddah, Ras Tanura, Riyadh and Dhahran. The cybercriminals also contacted other news outlets like Bleeping Computer, which first reported the hack.
The group provided samples of the data, which included documents covering project specifications, electrical and power systems, machinery at the refineries, analysis reports, unit prices, business agreements, network documents, company clients, invoices and more.
The group also said it stole information about 14,254 employees, including names, photos, passports, emails, phone numbers, family information, ID numbers and more. ZeroX shared the data through an “onion dark web link.”
But in a statement to ZDNet, Saudi Aramco denied that they had been hacked.
“Aramco recently became aware of the indirect release of a limited amount of company data which was held by third party contractors,” the spokesperson said. “We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture.”
Saudi Aramco has more than 270 billion barrels of crude oil reserves, the second largest in the world, and produces more oil on a daily basis than any other company in the world.
The company brought in $204 billion in 2020. Bleeping Computer reported that ZeroX was auctioning the entire data dump for $5 million while also offering 1 GB samples for about $2,000.
Saudi Aramco dealt with a cyberattack in 2012 that damaged 30,000 workstations and the oil giant has routinely faced attacks ever since.