ENGlobal took almost six weeks to recover from a severe ransomware attack

ENGlobal Corporation, a leading provider of engineering and professional services to the U.S. energy industry, said that it took almost six weeks for it to recover from the data security incident it suffered last year.

 

In December, in a filing with the U.S. Securities and Exchange Commission, the company said that on November 25, it identified a significant cyber security incident that affected its internal network. The company conducted an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology system and encrypted some of its data files,” ENGlobal said.

 

“Upon detecting the unauthorised access, the Company immediately took steps to contain, assess and remediate the cybersecurity incident, including beginning an internal investigation, engaging external cybersecurity specialists, and restricting access to its IT system.”

 

The company added that as a result of these containment measures, access to the company’s IT system had been limited to essential business operations only.

 

In a recent filing with the SEC, ENGlobal said that it took almost six weeks to fully recover from the cyber attack.

 

“The cybersecurity incident limited the Company’s ability to access portions of its business applications that supported aspects of the Company’s operations and corporate functions, including financial and operating reporting systems for approximately six weeks.

 

“As of the date hereof, the Company’s operations and corporate functions have been fully restored, and the Company believes that the threat actor no longer has access to the Company’s IT system.  

 

“As part of its remediation efforts, the Company is working with cybersecurity experts to reinforce its IT system, strengthen its surveillance of cybersecurity threats and prevent future unauthorised access to its IT system,” reads the filing.

 

ENGlobal added that the threat actor who infiltrated its internal network accessed a portion of its network that contained sensitive personal information. The company will soon notify the affected individuals and applicable regulatory agencies as required by federal and state law.

 

“Based on the information available to the Company as of the date hereof, the Company believes that the incident has not had a material impact and is not reasonably likely to have a material impact, on the Company, including the Company’s financial condition and results of operations, except as disclosed herein,” the company added.