Saudi Aramco admits data theft after $50m ransom demand
Saudi Arabia's state oil company has admitted that company files were leaked via a contractor, following claims from a cyber extortionist that they had seized a large amount of the company's data.
According to a report in the Financial Times, the extortionist - who demanded a $50m ransom from the company - claimed last month on the dark web to have stolen 1 terabyte of data from Saudi Aramco. The extortionist threatened to delete the data if the company did not pay the ransom, which they demanded in an untraceable cryptocurrency.
In a statement on Thursday, Aramco admitted that it had "recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors.
"We confirm that the release of data was not due to a breach of our systems, has no impact on our operations, and the company continues to maintain a robust cyber security posture."
It has not been revealed who was behind the Aramco incident, and the company has not explained how the data was leaked, or the identity of the third-party contractor.
Oil prices tumbled midway through last year's first quarter as the coronavirus pandemic shuttered large parts of the global economy, piling pressure on petro-states, including OPEC kingpin Saudi Arabia.
Long seen as the kingdom's "crown jewel", Aramco and its assets were once tightly government controlled and considered off-limits to outside investment.
But with the rise of Crown Prince Mohammed bin Salman, Saudi Arabia's de facto ruler, who is accelerating efforts to implement his "Vision 2030" reform programme, the kingdom has shown readiness to cede some control. In late April, MBS said Saudi Arabia, the world's top crude exporter, was in talks to sell one percent of Aramco to an unnamed foreign energy firm.