ENGlobaldisclosed cybersecurity breach as CenterPoint Energy investigates possible data leak
ENGlobal Corporation recently shared further insights about a cybersecurity incident it encountered last year in an SEC filing, where cyber adversaries illegally accessed its IT systems and disrupted access to business applications for about six weeks. The breached company detailed the impact and its continuous efforts to resolve the breach. Concurrently, CenterPoint Energy is probing a possible data leak that could have compromised sensitive information, raising red flags about data safety and security measures.
In light of the cybersecurity incident, Darren W. Spriggs, the CFO of ENGlobal Corporation, mentioned in the SEC document, “As a response to an illegal access of our IT system, we immediately contained and dealt with the cybersecurity incident, including launching an internal investigation and engaging cybersecurity experts.” The breach impaired access to business applications necessary for the company’s operations and corporate functions for a significant period.
ENGlobal Corporation assured that its operations and corporate functions are back to normal and it is cooperating with cybersecurity specialists to reinforce its IT systems. Additionally, they are strengthening their surveillance of cybersecurity threats to prevent unauthorized access in the future. The breach involved access to personal information, prompting the company to notify affected parties and regulatory agencies as required by law.
Commenting on this incident, Darren Williams, CEO of BlackFog, emphasized the concerning trend of cyberattacks on critical infrastructure, citing the energy sector’s prominence as a target due to the potential for widespread disruption. The fact that hackers accessed sensitive data during this attack underscores the urgent need for robust security measures in the energy sector to counter escalating threats.
Regarding ransomware attacks, Williams highlighted the risks organizations face and urged enterprises to adopt proactive security measures. Warning against paying ransoms, as it may embolden attackers and fail to prevent misuse of stolen data, he emphasized the critical importance of data protection strategies.
Concurrently, CenterPoint Energy is investigating a potential data leak of customer data linked to a past breach. Reports of stolen customer data surfaced on a cybercriminal forum led to the ongoing investigation. While the source of the leak appears to be a third-party vendor’s system, CenterPoint Energy asserted that its network was not compromised, underscoring the challenges of securing third-party data handling.
The disclosure of these breaches comes in the context of U.S. President Donald Trump naming Mark Christie as the new chair of the Federal Energy Regulatory Commission (FERC), a significant regulator overseeing U.S. power grids. Christie’s appointment signals a change in leadership at the FERC, responsible for major decisions impacting the energy sector.
These incidents highlight the pressing need for heightened cybersecurity measures across industries, especially critical infrastructure sectors like energy and utilities. Organizations must remain vigilant and proactive in safeguarding their systems and sensitive data to thwart cyber threats and mitigate potential risks.
