Saudi Aramco said on Wednesday that some of its company files had been leaked via a contractor, but that its cyber security posture remained “robust” and said that its systems were not compromised, according to reports and a statement from the company.
A cyber extortionist claimed on the dark web claimed to have seized troves of Saudi Aramco data last month and demanded a $50 million ransom from the company. The post by the extortionist was made on June 23 and seen by the Financial Times.
Aramco said in a statement that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors.” The oil company did not name the supplier or explain how the data were compromised, according to a report in Ars Technica via the Financial Times.
“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber security posture,” Aramco added. The hacker appeared to have seized a copy of the data without using malware, and set up dark web profiles to announce their actions.
According to that story, in another post, the perpetrator “offered to delete the data if Aramco paid up $50 million in a niche cryptocurrency Monero, which is particularly difficult for authorities to trace. The post also offered prospective buyers the chance to purchase the data for about $5 million.”
The company has been the target of nefarious cyber criminals for years. In 2020, the company saw an uptick in cyber attacks against its facilities and systems, which it said it had successfully repelled.
“Overall there is definitely an increase in the attempts of (cyber) attacks, and we are very successful in preventing these attacks at the earliest stage possible,” Khalid al-Harbi told Reuters in a telephone interview in February 2020.
