Halliburton Optimistic Amid $35M Data Breach Loss

Halliburton, a multinational corporation known for its oil and gas products and services, reported that its losses after a ransomware attack in August have added up to $35 million.

In a filing with the US Securities and Exchange Commission (SEC), Halliburton reported that it became aware of unauthorized third-party access to its systems on Aug. 21, prompting it to launch an investigation alongside its cybersecurity response plan.

In order to contain the breach, Halliburton was forced to shut down some of its systems. In an 8-K filing, the company confirmed that the threat actors were able to exfiltrate data in the attack. It also revealed that the RansomHub ransomware gang was behind the attack and stolen data.

It remains unclear the scope of the breach and what kind of information was stolen, as the investigation in ongoing. However, Halliburton reported that it was unlikely that the breach would have a material impact on its finances, with its 2024 third-quarter earnings report confirming that estimate.

"We experienced a $0.02 per share impact to our adjusted earnings from lost or delayed revenue due to the August cybersecurity event and storms in the Gulf of Mexico," stated Jeff Miller, chairman, president, and CEO at Halliburton.

The cost of mitigating the cyberattack was a small price to pay considering Halliburton's size as a company. But the threat actors may still yet decide to sell the data, exposing Halliburton even further and requiring additional damage control.

Related:CISO Corner: The NYSE & the SEC; Ransomware Negotiation Tips

Don't miss the upcoming free Dark Reading Virtual Event, "Know Your Enemy: Understanding Cybercriminals and Nation-State Threat Actors," Nov. 14 at 11 am ET. Don't miss sessions on understanding MITRE ATT&CK, using proactive security as a weapon, and a masterclass in incident response; and a host of top speakers like Larry Larsen from the Navy Credit Federal Union, former Kaspersky Lab analyst Costin Raiu, Ben Read of Mandiant Intelligence, Rob Lee from SANS, and Elvia Finalle from Omdia. Register now!