ENGlobal Corporation, a federal energy contractor, detailed a cybersecurity breach in a recent Securities and Exchange Commission (SEC) filing. The breach, discovered on November 25, 2024, involved unauthorized access to ENGlobal’s IT systems.
Cyber adversaries encrypted data files and disrupted access to crucial business applications for about six weeks. This ENGlobal cybersecurity breach impacted operational and corporate functions, including financial and operating reporting systems.
“On November 25, 2024, the Company became aware of a cybersecurity incident,” wrote Darren W. Spriggs, ENGlobal’s CFO, in the SEC filing.
“A threat actor illegally accessed the Company’s IT system and encrypted some of its data files.”
The company immediately responded, engaging external cybersecurity specialists and restricting system access.
ENGlobal’s operations and corporate functions have since been fully restored. The company believes the threat actor no longer has access to its IT system. However, the breach involved access to sensitive personal information.
ENGlobal plans to notify affected parties and regulatory agencies as required by law.
Spriggs stated that, “based on the information available…the Company believes that the incident has not had a material impact…on the Company.”
Darren Williams, CEO of BlackFog, commented on the ENGlobal cybersecurity breach, noting that the energy sector is a prime target for ransomware attacks due to its critical role and potential for widespread disruption.
He highlighted the need for proactive security measures and emphasized the importance of resisting ransom payments.
“The reputational, legal, and operational consequences…are far-reaching, making it imperative for organizations to prioritize robust data protection strategies.” Williams stated.
This ENGlobal cybersecurity breach comes as CenterPoint Energy, a Texas utility firm, investigates a potential data leak potentially linked to the 2023 MOVEit breach. CenterPoint Energy confirmed it’s examining reports of stolen customer data appearing on a cybercriminal forum.
“Based on our investigation, we believe this data was obtained from a third-party vendor’s system,” a CenterPoint Energy spokesperson stated.
The company is assessing the impact but hasn’t detailed the extent of the data exposure.
The CenterPoint Energy data leak investigation highlights the ongoing vulnerability of critical infrastructure to cyberattacks.
