Conpet, Romania’s national oil pipeline operator, disclosed that a cyberattack disrupted its business systems and took down the company’s website on Tuesday.
Meanwhile, Conpet operates nearly 4,000 kilometers of pipeline network, supplying domestic and imported crude oil and derivatives, including gasoline and liquid ethane, to refineries nationwide.
On Wednesday, the company said in a press release that the incident affected its corporate IT infrastructure but did not disrupt its operations or its ability to fulfill its contractual obligations.
Additionally, Conpet said the cyberattack also took down its website and confirmed that it is now investigating the incident and restoring affected systems with the help of national cybersecurity authorities.
At the same time, the pipeline operator notified the Directorate for Investigating Organized Crime and Terrorism (DIICOT) and filed a criminal complaint regarding the incident.
“We note that the operational technologies (SCADA System and Telecommunications System) were not affected, so the company’s core business, consisting of the transport of crude oil and gasoline through the National Oil Transport System, is operating normally and there are no disruptions in its operation,” it said. “As a result of this incident, the company’s website www.conpet.ro cannot be accessed during this period.”
Qilin Ransomware Gang Claims Responsibility
However, the company has yet to disclose the nature of the cyberattack. Nevertheless, the Qilin ransomware gang has claimed responsibility and added Conpet to its dark web leak site earlier today.
Conpet on Qilin’s leak site (BleepingComputer)
Moreover, the threat actors claim they stole nearly 1TB of documents from Conpet’s compromised systems and leaked over a dozen photos of internal documents containing financial information and passport scans as proof of the breach.
Qilin emerged in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name. Over the last four years, it has claimed responsibility for nearly 400 victims, including high-profile organizations such as Nissan, Japanese beer company Asahi, publishing giant Lee Enterprises, pathology services provider Synnovis, and Australia’s Court Services Victoria.
BleepingComputer reached out to Conpet with questions about the incident, but a response was not immediately available.
Cyberattacks Target Romania’s Critical Infrastructure
Notably, this cyberattack follows ransomware attacks on Romanian Waters (Romania’s water management authority) and Oltenia Energy Complex (the country’s largest coal-based energy producer) in December.
In addition, in December 2024, Electrica Group (a major Romanian electricity supplier and distributor) suffered a breach in a Lynx ransomware attack, while over 100 Romanian hospitals went offline in February 2024 after a Backmydata ransomware attack took down their healthcare management systems.
Source: BleepingComputer, Sergiu Gatlan
Read more at Impreza News
