Saudi Aramco has confirmed that it is facing a $50m ransom demand from hackers who have stolen some proprietary data.
The hackers have offered to delete the stolen data if the state-owned energy giant agrees to the ransom amount in cryptocurrency.
Saudi Aramco in a statement said: “Aramco recently became aware of the indirect release of a limited amount of company data, which was held by third-party contractors.
“We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cybersecurity posture.”
Recently, The Associated Press reported that 1TB of Saudi Aramco’s data appeared on the dark web.
However, the oil firm did not disclose how the information was leaked.
The hackers are threatening the oil firm to sell the stolen data on a dark web forum, reported Bleeping Computer.
According to the publication, Saudi Aramco learned about the data leak earlier this month although the hack of ‘network and its servers’ took place last year by a cybercriminal group, ZeroX.
The stolen data is said to include information of about 14,254 employees, as well as project specifications, internal analysis reports, a list of Aramco’s clients, along with invoices and contracts.
Earlier this year, Saudi Aramco’s oil installation in the refinery town of Jazan in Saudi Arabia was attacked by Yemeni rebel group Houthis using 11 missiles and explosive-laded drones.