World's Largest Oil Producer Confirms Data Leak Following $50 Million Ransomware Attack
High-reward ransomware appears to be all the rage right now after the REvil hacking group executed the Kaseya attack, encrypting over 1,500 businesses. Now, Saudi Aramco has confirmed a data leak today following an extortionist who demanded $50 million after claiming to have sized a large quantity of data from the world’s largest oil producer.
Released today, Aramco’s statement explained that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors.” While no supplier or contractor was named nor was it explained how the data was lost according to the Financial Times, it seems the company is simply shrugging this off.
This statement follows a malicious hacker’s post back on June 23rd, claiming that he stole 1TB of Aramco’s data. Within this 1TB, he stated that he had contracts, invoices, full employee info, project specifications and much more. The asking price for this data was $5,000,000 to get it and $50,000,000 to get it and delete it, a la a ransom. However, another user on the leaks forum believes that this data is part of an older leak from a construction company that contracted for Aramco back in 2020.
Either way, clearly Aramco does not believe that this data leak poses any risk to its business or security in general. Perhaps this “malicious hacker” is just a grifter trying to make a quick buck from the fear of ransomware that is lingering after Kaseya and other attacks, and Aramco recognizes that. We will have to see how this plays out, so stay tuned to HotHardware for any updates.