Hackers paralyze PPL IT systems demand ransom financial operations suspended for two days Profit by Pakistan Today
pMajor cyberattack leaves leading oil gas companys IT systems crippled as vital data gets compromised
ppISLAMABADThe Pakistan Petroleum Limited PPL one of the countrys leading staterun oil and gas companies has fallen victim to a major cyberattack leaving its IT systems crippled for the past two daysppAccording to sources hackers operating under the alias Blue Locker have encrypted PPLs servers blocked access to backups and are now demanding a ransom in exchange for a decryption tool and a promise not to leak sensitive datappThe companys entire financial system has been brought to a standstill as operations remain suspendedppAs per sources the encrypted systems include virtual machines and financial servers and the attackers claim to have exfiltrated vital data related to operations contracts and employee informationppIn an alarming email sent to PPL employees the hackers statedppYour computers and servers are encrypted backups are deleted from your network and copied We have stolen some of your business data and employee information including but not limited to TMC Data Sui Adhi etc and contracts If you dont contact us with a quote we will report the hack to mainstream media and release your data to social media and competitorsppThe message also warned that any attempt to modify or recover files independently could result in permanent data lossppPPL in an official statement commented that Pakistan Petroleum Limited PPL recently identified a cybersecurity incident involving a ransomware intrusion targeting parts of its IT infrastructure The event was detected on August 6 2025 and our internal cybersecurity protocols were immediately activatedppOur IT and cybersecurity teams in collaboration with external experts took prompt and effective containment measures including the temporary suspension of select noncritical IT services as a precaution to limit potential impact and ensure the integrity of our systemsppPPL operates a multilayered cybersecurity framework and thanks to these systems the threat was rapidly isolated At this point there is no indication of compromise to businesscritical or sensitive data Core operational systems remain unaffected and our Joint Venture JV partners and external stakeholders continue to operate without disruptionppWe can confirm that a ransomware note was received from an external actor identifying themselves as Proton In accordance with best practices and legal guidelines the matter has been reported to relevant law enforcement and regulatory authorities Investigations are ongoing in coordination with these agenciesppWe remain committed to full transparency and are conducting a comprehensive forensic analysis to assess the scope and reinforce our cyber resilience Our teams are working diligently to restore full system functionality in a secure and phased mannerppPPL places the highest priority on safeguarding its digital infrastructure and remains focused on maintaining the trust of its stakeholders through timely action and proactive cyber risk managementppThe hacking incident has raised serious concerns about the cybersecurity resilience of critical national infrastructure especially in the energy sector The attackers using encryption and threatening exposure have demanded direct negotiations stating that intermediaries or cybersecurity consultants should not be involvedppSo far it remains unclear whether PPL has engaged with the hackers or reported the matter to law enforcement or the National CERT Computer Emergency Response TeamppThe sources also informed that the companys IT experts and management are in negotiations with the hackers who have taken control of PPLs IT system for the past two days They said that the administration has lost control over the companys financial operations They further revealed that the government and relevant authorities have been fully informed about the situation and a request has been made to these institutions to help restore the companys systems Other oil and gas companies have also been alerted and warned to take immediate precautionary measures and necessary steps they addedppCybersecurity experts warn that such attacks can compromise national energy security and stress the need for urgent investment in digital infrastructure and threat monitoring systems across all stateowned enterprisespp
Save my name email and website in this browser for the next time I comment
pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime p
ppISLAMABADThe Pakistan Petroleum Limited PPL one of the countrys leading staterun oil and gas companies has fallen victim to a major cyberattack leaving its IT systems crippled for the past two daysppAccording to sources hackers operating under the alias Blue Locker have encrypted PPLs servers blocked access to backups and are now demanding a ransom in exchange for a decryption tool and a promise not to leak sensitive datappThe companys entire financial system has been brought to a standstill as operations remain suspendedppAs per sources the encrypted systems include virtual machines and financial servers and the attackers claim to have exfiltrated vital data related to operations contracts and employee informationppIn an alarming email sent to PPL employees the hackers statedppYour computers and servers are encrypted backups are deleted from your network and copied We have stolen some of your business data and employee information including but not limited to TMC Data Sui Adhi etc and contracts If you dont contact us with a quote we will report the hack to mainstream media and release your data to social media and competitorsppThe message also warned that any attempt to modify or recover files independently could result in permanent data lossppPPL in an official statement commented that Pakistan Petroleum Limited PPL recently identified a cybersecurity incident involving a ransomware intrusion targeting parts of its IT infrastructure The event was detected on August 6 2025 and our internal cybersecurity protocols were immediately activatedppOur IT and cybersecurity teams in collaboration with external experts took prompt and effective containment measures including the temporary suspension of select noncritical IT services as a precaution to limit potential impact and ensure the integrity of our systemsppPPL operates a multilayered cybersecurity framework and thanks to these systems the threat was rapidly isolated At this point there is no indication of compromise to businesscritical or sensitive data Core operational systems remain unaffected and our Joint Venture JV partners and external stakeholders continue to operate without disruptionppWe can confirm that a ransomware note was received from an external actor identifying themselves as Proton In accordance with best practices and legal guidelines the matter has been reported to relevant law enforcement and regulatory authorities Investigations are ongoing in coordination with these agenciesppWe remain committed to full transparency and are conducting a comprehensive forensic analysis to assess the scope and reinforce our cyber resilience Our teams are working diligently to restore full system functionality in a secure and phased mannerppPPL places the highest priority on safeguarding its digital infrastructure and remains focused on maintaining the trust of its stakeholders through timely action and proactive cyber risk managementppThe hacking incident has raised serious concerns about the cybersecurity resilience of critical national infrastructure especially in the energy sector The attackers using encryption and threatening exposure have demanded direct negotiations stating that intermediaries or cybersecurity consultants should not be involvedppSo far it remains unclear whether PPL has engaged with the hackers or reported the matter to law enforcement or the National CERT Computer Emergency Response TeamppThe sources also informed that the companys IT experts and management are in negotiations with the hackers who have taken control of PPLs IT system for the past two days They said that the administration has lost control over the companys financial operations They further revealed that the government and relevant authorities have been fully informed about the situation and a request has been made to these institutions to help restore the companys systems Other oil and gas companies have also been alerted and warned to take immediate precautionary measures and necessary steps they addedppCybersecurity experts warn that such attacks can compromise national energy security and stress the need for urgent investment in digital infrastructure and threat monitoring systems across all stateowned enterprisespp
Save my name email and website in this browser for the next time I comment
pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime p
