Personal employee information stolen in Gyrodata ransomware attack


Oil drilling services company Gyrodata has been hit by a data security incident after an unauthorized hacker was able to gain access to certain company systems, and steal the personal information of some current and former company employees. The incident happened within the Gyrodata environment at various times for about five weeks beginning Jan. 16 this year.

The data potentially obtained by the unauthorized hacker may have contained personal information of current and former Gyrodata employees, including names, addresses, dates of birth, drivers’ license numbers, Social Security numbers, passport numbers, W-2 tax forms, and information related to health plan enrollment, according to a statement released by the Houston, Texas-based company.

Gyrodata’s line of products and services enables clients to maximize hydrocarbon recovery and optimize an asset’s life cycle cost. With about 1,000 employees operating in over 50 countries in virtually every global energy market, the oil drilling company delivers its services from a global platform focused on technology, service quality, people and clients.

Individuals whose personal information may have been involved should remain vigilant for incidents of fraud or identity theft by reviewing account statements and free credit reports for any unauthorized activity, according to the statement. “It is recommended that you review any statements that you receive from your health insurer or healthcare providers. If you see services that you did not receive, please contact the insurer or provider immediately,” it added.

Beginning Thursday, Gyrodata began mailing letters to individuals whose information may have been involved. Gyrodata has also established a dedicated call center to answer questions about this matter. As a precaution, Gyrodata is also offering individuals whose Social Security number or driver’s license number may have been affected “complementary credit monitoring and identity protection services.”

On Feb. 21 this year Gyrodata discovered that it was the target of a ransomware attack.  The company responded by immediately taking steps “to secure its systems, launched an investigation, and a cybersecurity firm was engaged to assist with its investigation,” according to the company statement. Gyrodata also notified federal law enforcement of the incident and continues to support their investigation.

To help prevent a similar incident from occurring in the future, Gyrodata implemented additional security measures designed to enhance the security of its network, systems, and data.

Industrial cybersecurity company OTORIO had in December last year in its list of industrial cybersecurity predictions for this year expected an increase in COVID-19 accelerated ransomware attacks targeting industrial companies. Those predictions have proven accurate with the spate of ransomware incidents faced by the industrial sector in just the first four months of the year. 

Corrugated packaging and consumer packaging company WestRock detected in January a ransomware incident affecting ‘certain of its operational and information technology systems.’ The ransomware incident led to shipments from some of its facilities lagging in production levels. 

Last month, IoT company Sierra Wireless halted production at its manufacturing sites after the company was hit by a ransomware attack on its internal IT systems. Its website and other internal operations have also been disrupted by the attack.

Malware, vulnerabilities targeting OT systems surge

Increasing threats of vulnerabilities are steadily rising, particularly in sensitive areas such as OT systems and network devices, putting vital infrastructure at risk, according to data released by Skybox Research

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp


Join over 5,000 Industrial OT & Cyber professionals

Weekly Newsletter direct to your inbox