Cybercrime group ZeroX has stolen 1TB of proprietary company data from the Saudi Arabian Oil Company (Aramco) and is selling it on the dark web.
Aramco said they did not suffer from a direct breach and that it was their third-party contractors that were targeted.
Aramco claimed that the incident had no impact on Aramco’s operations and that there were no direct ransom demands.
ZeroX said that the data dump contained full information on 14,254 employees including their names, photos, passports, emails, phone numbers, residence permit (Iqama card) numbers, job title, ID numbers, and family information.
Apart from personal information, project specifications, internal analysis reports, network layouts, location maps with precise coordinates, and a list of Saudi Aramco’s clients.
ZeroX has already posted a small sample set of Saudi Aramco’s data which contained blueprints and proprietary documents from the company with censored personally identifiable information (PII) last June.
Bleepingcomputer posted screenshots of an onion site counting down to the sale of the data which ZeroX said was a “puzzle” for Saudi Aramco to solve.
The breach was not considered a ransomware attack or an extortion incident because ZeroX did not encrypt the company’s systems or demand a ransom in exchange to unlock its data.