Cybercriminals have stolen approximately a terabyte of data from one of the world’s largest energy companies, Saudi Aramco.
The oil and gas giant, which is owned by the government of Saudi Arabia and has an annual operating budget of some $229 billion, has apparently been targeted by a gang known as “ZeroX,” Bleeping Computer reports.
The cybercriminals claim to have used a “zero-day exploitation” to hack the company’s network and its servers at some point last year, and are now attempting to sell the stolen data for millions of dollars on the dark web.
Saudi Aramco has confirmed that its data was stolen but denies that its network or servers were compromised. Instead, the firm claims that the data was filched from third-parties.
“Aramco recently became aware of the indirect release of a limited amount of company data which was held by third party contractors,” a company spokesperson told Bleeping Computer. “We confirm that the release of data has no impact on our operations, and the company continues to maintain a robust cybersecurity posture.”
But whether the hack has a direct impact on the giant company’s day-to-day operations or not, the data that was stolen would appear to be quite sensitive.
Indeed, the 1T dump seems to include personal data on 14,254 employees, copies of invoices and contracts, information regarding pipelines and clients, and what seems to be significant amount of security-related information, including “network layout mapping out the IP addresses, Scada points, wifi access points, IP cameras, and IoT devices.”
The hackers are selling the entire data dump to individual buyers for sums of $5 million but have said that will expunge the entire data set from their systems for a one-time payment of $50 million.