In an alarming turn of events, ENGlobal, a Texas-based engineering and automation contractor for the energy sector, encountered a ransomware attack on November 25, 2024, significantly disrupting its operations. The attacker managed to encrypt the company’s data files, prompting rapid action from ENGlobal’s IT team. The company detected unauthorized access to its IT system and immediately commenced containment, assessment, and remediation efforts to minimize potential damage. Recognizing the gravity of the situation, ENGlobal initiated an internal investigation and enlisted the support of external cybersecurity specialists to mitigate the problem effectively.
As part of their response strategy, ENGlobal restricted access to its IT system to only essential business operations while the investigation and resolution of the incident are ongoing. This precautionary measure aims to prevent further unauthorized access and potential data breaches while experts work tirelessly to resolve the attack’s aftermath. The company’s swift action highlights the importance of robust cybersecurity measures within the increasingly vulnerable energy sector. Despite the company’s concerted efforts, ENGlobal has not specified when full access to the IT system will be restored, leaving employees and stakeholders anxiously awaiting a return to normalcy.
Established in 1985, ENGlobal has built a solid reputation by delivering project management and engineering services to entities in the oil, gas, and petrochemical industries, as well as sustainable energy production. The company also caters to various US government agencies, including the Department of Defense and the Department of Energy. Despite their extensive experience and prominent client base, the current ransomware attack serves as a stark reminder of the ever-present cyber threats facing organizations today. As of now, no ransomware group has claimed responsibility for the attack, adding another layer of complexity to the ongoing investigation.
