Pakistan Petroleum Limited Confirms Ransomware Attack, No Sensitive Data Breached

KARACHI: Pakistan Petroleum Limited (PPL) has confirmed that it was targeted in a ransomware cyberattack, during which the perpetrators demanded a ransom from the company.

In an official statement, PPL revealed that a ransom note was received after the breach, prompting immediate notification to relevant regulatory bodies and law enforcement agencies. A detailed investigation into the attack is currently in progress.

The company stated that although parts of its IT infrastructure were temporarily shut down as a precaution, no sensitive data was compromised. PPL emphasized that it has not engaged in any communication with the attackers thus far.

According to a spokesperson, the breach was swiftly contained under the company’s cybersecurity response protocols, helping minimize the impact. A comprehensive forensic audit is now underway to determine the origin and full scope of the cyberattack.

Related Incident: Pak Suzuki Cyberattack

This event follows a similar incident last year involving Pak Suzuki Motor Company Limited, which reported that its HR, financial, and other corporate data had been leaked after a major cyberattack. In a filing to the Pakistan Stock Exchange (PSX), Suzuki acknowledged hiring cybersecurity experts to conduct a forensic review and mitigate further risks.

Both incidents highlight growing concerns over cybersecurity vulnerabilities in Pakistan’s corporate sector, as companies increasingly rely on digital infrastructure for operations.