Engineering giant ENGlobal confirms hackers hit internal data

(Image credit: Avast)

ENGlobal updates 8-K filing with the SEC following November 2024 attack
Firm confirms hackers hit internal data
However there's no details about the attackers or the number of victims

Engineering giant ENGlobal has now confirmed the attackers which hit its systems in Novemeber 2024 did indeed compromise its internal documents.

In an updated 8-K form, the company said a preliminary investigation “revealed that a threat actor illegally accessed the company’s information technology system and encrypted some of its data.”

So, not only was this a data grab, this was also a ransomware attack.

No material impact

“The cybersecurity incident involved the threat actor’s access to a portion of the Company’s IT system that contained sensitive personal information," the form added. "The company intends to provide notifications to affected and potentially affected parties and applicable regulatory agencies as required by federal and state law.”

The ransomware attack hit the company pretty hard, it seems, since it added it took weeks to get back on track:

“The cybersecurity incident limited the company’s ability to access portions of its business applications that supported aspects of the company's operations and corporate functions, including financial and operating reporting systems for approximately six weeks.”

However, at the time the document was filed, all operations have been fully restored, and ENGlobal believes the attackers are no longer lurking in their network. It also said that the attack did not have a material impact, and that it’s “not reasonably likely” that it will have such an impact.

“As part of its remediation efforts, the Company is working with cybersecurity experts to reinforce its IT system, strengthen its surveillance of cybersecurity threats and prevent future unauthorized access to its IT system.”

ENGlobal is an engineering and automation services company that provides solutions for various industries, including energy, chemicals, and government. Based in the U.S., it operates globally, with approximately 500 employees, and generates annual revenue of around $100 million.

The identity of the attackers was not revealed, and we still don’t know how many people are affected by this incident.

If your business data appears on the dark web, get ready to face a cyberattack
Here's a list of the best firewalls around today
These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.