ENGlobal Corporation, a major contractor for the energy industry and the US federal government, revealed some details of a six-week disruption to its financial systems following a ransomware attack on November 25, reports The Record, a news site by cybersecurity firm Recorded Future.
The Oklahoma-based company disclosed the disruptions in a filing with the US Securities and Exchange Commission, noting that some critical business applications including financial and operational reporting systems were inaccessible during this period. The firm has since restored its operations and corporate functions, stating that the attackers no longer have access to its IT systems. However, the breach also involved unauthorized access to sensitive personal data and said that affected individuals will be notified. The attack forced ENGlobal to restrict employee access to IT resources, limiting operations to essential functions. The company said that it does not anticipate significant financial repercussions, though the extended downtime notably exceeded the industry average of 17 working days for ransomware containment and remediation. The attack has not been attributed to any known ransomware group.