ENGlobal Corporation, a leading contractor in the energy industry, has confirmed it is dealing with a ransomware attack that has significantly impacted its IT systems. The breach was discovered on November 25, and the company filed a report to the U.S. Securities and Exchange Commission (SEC) the same day, detailing the incident. According to the preliminary investigation, a threat actor accessed the company’s IT system and encrypted some of its data files, disrupting normal operations.
In response to the attack, ENGlobal took immediate steps to limit the damage. The company restricted employee access to its IT systems, allowing only essential business functions to continue. To mitigate further risks and recover from the breach, ENGlobal has initiated an internal investigation and enlisted the help of external cybersecurity experts. However, the company has yet to determine when full access to its systems will be restored.
The ransomware attack’s full financial impact remains uncertain at this time. ENGlobal has not yet assessed whether the breach will affect its financial performance, but the company remains committed to addressing the issue swiftly. Despite the ongoing investigation, ENGlobal emphasized that it is focused on securing its systems and minimizing further disruptions to operations.
This attack adds to a troubling trend, with several contractors in the energy and defense sectors being targeted by ransomware groups in recent months. Similar incidents, like the attack on Johnson Controls last year, have raised concerns about the vulnerability of companies involved in critical infrastructure projects, especially those working with government agencies. With no ransomware group yet claiming responsibility for the ENGlobal attack, the incident underscores the growing risks faced by industries essential to national security and economic stability.
Reference:
