ENGlobal Cyberattack Exposes Sensitive Personal Data: What You Need to Know
In a significant cybersecurity incident, U.S. engineering firm ENGlobal has disclosed that hackers gained access to sensitive personal information during a cyberattack that occurred in November 2024. This breach has raised concerns about the security of data within organizations that provide critical services.
Details of the Cyberattack on ENGlobal
ENGlobal, renowned for its engineering and automation services catering to federal government and critical infrastructure clients, announced the breach through an updated 8-K filing with the U.S. Securities and Exchange Commission on Monday. The hackers reportedly encrypted some of the company’s data files, suggesting a possible ransomware attack.
Impact on Business Operations
The cyberattack had a considerable impact on ENGlobal’s operations, as several of its business applications, including essential financial reporting systems, were taken offline for approximately six weeks. Here are some key points regarding the incident:
- Sensitive personal information was accessed by hackers.
- Data files were encrypted, indicating a ransomware connection.
- Business applications were offline for around six weeks.
Current Status and Future Actions
Although the Houston, Texas-based company has not disclosed the number of individuals affected by the data breach or the specific types of data that were compromised, ENGlobal has committed to notifying those impacted by the incident. As of now, the company has not responded to inquiries from TechCrunch.
Restoration of Operations
In its recent filing, ENGlobal confirmed that its operations have been fully restored following the cyberattack. The company expressed confidence that the threat actor, whose identity remains unknown, no longer has access to its IT systems.
For more information on cybersecurity best practices, consider visiting CISA or exploring our related articles on cybersecurity strategies.
