Cybercriminals have stolen approximately a terabyte of data from one of the world’s largest energy companies,Saudi Aramco owned by Saudi Government. Apparently know to be ZeroX
The cyber crooks claim to have used a “zero-day exploitation” to hack the company’s network and its servers at some point last year, and are now attempting to sell the stolen data for millions of dollars on the dark web.
Saudi Aramco has confirmed that its data was stolen but denies that its network or servers were compromised. Instead, the firm claims that the data was filched from third-parties.
Aramco recently confirm that the release of data has no impact on our operations, and the company continues to maintain a robust cybersecurity posture. But the data appear to be sensitive.
The 1TB dump seems to include personal data on 14,254 employees, copies of invoices and contracts, information regarding pipelines and clients, and what seems to be significant amount of security-related information, including “network layout mapping out the IP addresses, Scada points, wifi access points, IP cameras, and IoT devices.”
The hackers are selling the entire data dump to individual buyers for sums of $5 million but have said that will expunge the entire data set from their systems for a one-time payment of $50 million.