Cyberattack dismissed by Kazakh state oil firm

Kazakhstan state-owned oil and gas firm KazMunayGas has disclosed conducting an internal phishing drill as it denied having its systems compromised by the Russia-linked NoisyBear threat operation as reported by Seqrite Labs, according to The Record, a news site by cybersecurity firm Recorded Future.

While Seqrite Labs researchers noted that the state oil company had its finance employee's email leveraged in phishing attacks attributed to Russia, KazMunayGas noted the activity to be part of a simulation, which sought to obtain security recommendations from its staff members.

"In May 2025, KMG organized and carried out a planned internal exercise to test, assess, and improve employees' awareness of information security," said the firm.

Such a development comes months after U.S. cloud storage firm Snowflake refuted Hudson Rock findings alleging the compromise of its systems in an attack associated with the breaches of Santander Bank and Ticketmaster, stating the purportedly impacted account was from a demo environment used by an ex-employee.