September 26, 2023

Romanian gas station ‘Rompetrol’ is hit by a ransomware attack. Rompetrol is a subsidiary of KMG International

In a statement released by KMG International – stating that they are dealing with a complex cyberattack that made them shut down their websites and their Fill&Go service at gas stations.

Rompetrol is the largest oil company in Romania that operates in Europe, North Africa, and Central Asia and has a capacity of over five million tons a year. The company. 


It is suspected that Hive ransomware operators are behind the Rompetrol ransomware attack, and the ransom demands are suspected to be in several millions. Rompetrol announced the same on social media today. As of now KMG has intimated Romanian National Directorate of Cyber Security (DNSC) who is actively resolving the situation now.

“To protect the data, the company has temporarily suspended the operation of the websites and the Fill&Go service, both for the fleets and for the private customers, the activity of Rompetrol gas stations is carried out normally, the customers having at their disposal the option of payment in cash or by bank card.”

KMG International Statement

As per the report surfaced , the hackers might have reached the  internal network of Petromidia refinery that belongs to Rompetrol, and the attack was first detected at 21:00 on Sunday affecting their IT services.



Hive employs a variety of tactics, techniques and hacking methodologies to breach networks, which is why the Hive ransomware gang is a sophisticated group that organizations should be concerned about.Recent attacks have Hive includes compromising Memorial Health System which made them cancel surgeries and other diagnostic procedures including patient information.

Leave a Reply

%d bloggers like this: