💰💣

ENGlobal Corporation Security Incident

25/11/2024 301 days ago Resolved

Incident Overview

Situation Description

Federal energy contractor ENGlobal Corporation disclosed details of a cybersecurity incident where cyber adversaries illegally accessed its IT systems, encrypted data files, and disrupted business applications for approximately six weeks.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Energy

Geographic Scope

National (US)

Response Actions

Isolated Compromised Systems Engaged Third-Party Forensic Investigators Conducted Threat Hunting & Eradication Notified Affected Individuals & Entities Refused to Pay Ransom / Extortion Revised Incident Response Plan Hardened Attack Surface

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) Operational / System Data

Primary Impacts

Operational Disruption Data Exposure

Key Decisions Made

The Company immediately took steps to contain, assess and remediate the cybersecurity incident.; The Company is working with cybersecurity experts to reinforce its IT system, strengthen its surveillance of cybersecurity threats and prevent future unauthorized access to its IT system.; The Company intends to provide notifications to affected and potentially affected parties and applicable regulatory agencies as required by federal and state law.

Technical Analysis

Attack Method

Phishing

Additional Information

Attacks and Vulnerabilities Critical infrastructure Malware, Phishing & Ransomware News Utilities: Energy & Power, Water, Waste ENGlobal details cybersecurity breach, as CenterPoint Energy probes potential data leak January 30, 2025 Federal energy contractor ENGlobal Corporation disclosed additional details in a Securities and Exchange Commission (SEC) filing on Monday regarding the cybersecurity incident the company experienced last year, in which cyber adversaries illegally accessed its IT systems, encrypted data files, and disrupted access to business applications supporting operations and corporate functions for approximately six weeks. The filing also provided further insights into the nature and impact of the breach, underscoring the companys ongoing efforts to address and mitigate the issue. Meanwhile, CenterPoint Energy is actively investigating a possible data leak that may have compromised sensitive information. The breach has raised significant concerns about data security and the measures in place to protect against such threats. As previously reported in the Original Form 8-K, on November 25, 2024, the Company became aware of a cybersecurity incident, Darren W. Spriggs, chief financial officer, treasurer and corporate secretary, wrote in the SEC filing. The preliminary investigation revealed that a threat actor illegally accessed the Companys information technology (IT) system and encrypted some of its data files. Upon detecting the unauthorized access, the Company immediately took steps to contain, assess and remediate the cybersecurity incident, including beginning an internal investigation, engaging external cybersecurity specialists, and restricting access to its IT system. The Oklahoma-based company noted that the cybersecurity incident limited its ability to access portions of its business applications that supported aspects of the companys operations and corporate functions, including financial and operating reporting systems for...

... (truncated for display)

Quick Facts

Company:: ENGlobal Corporation
Date:: 25/11/2024
Status:: Resolved
Decision Maker:: Darren W. Spriggs
Position:: chief financial officer, treasurer and corporate secretary
Published:: 30/01/2025

Source Information

Original Query

corporate filing "material impact" "ransomware attack" 2023..2024

View Original Source

Timeline

Information Published

30/01/2025

Incident Occurred

25/11/2024 (301 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats