Energy sector contractor ENGlobal Corporation has confirmed that personal information was compromised in a ransomware attack that occurred on 25 November 2024. The company disclosed the breach in a recent filing with the US Securities and Exchange Commission (SEC), revealing that threat actors had accessed sensitive data stored within its systems.
Following the cyberattack, ENGlobal took immediate containment measures, including taking certain systems offline.
This restricted access to only essential business operations while the company worked to mitigate the impact of the attack. In an initial SEC filing in early December, ENGlobal acknowledged that the ransomware had encrypted some of its data but did not confirm whether any information had been stolen.
However, in a subsequent regulatory filing, the company confirmed that attackers had indeed gained access to a portion of its IT infrastructure containing personal information. The extent of the breach remains undisclosed, but ENGlobal stated that it would notify affected individuals and relevant regulatory agencies as required by federal and state laws.
ENGlobal assured stakeholders that it had fully restored its systems and resumed normal operations. The company successfully evicted the threat actor from its network, allowing its corporate functions and business applications to return to full capacity. However, the cybersecurity incident severely impacted ENGlobal’s ability to access key systems, including financial and operational reporting tools, for approximately six weeks.
Despite this disruption, the company maintains that the attack has not had and is not expected to have a material impact on its financial condition or overall business performance.
ENGlobal has not disclosed any details regarding the identity of those who are behind the ransomware attack. Additionally, no known ransomware group has publicly claimed responsibility for the incident.
As the investigation continues, ENGlobal is focusing on reinforcing its cybersecurity measures to prevent future breaches. The company remains dedicated to confirming the security of its systems and protecting sensitive data from further threats.
