Staff Report
ISLAMABAD: Pakistan Petroleum Limited (PPL), a leading state-run oil and gas company, has been hit by a ransomware attack that crippled parts of its IT infrastructure for two days, disrupting financial operations and prompting urgent cybersecurity measures.
Sources said the hackers, identifying themselves as “Blue Locker,” encrypted company servers, blocked access to backups, and claimed to have stolen sensitive operational, contractual, and employee data. They reportedly demanded a ransom in exchange for a decryption tool and a promise not to leak the information.
In an email to employees, the attackers warned that any independent attempts to recover the data could result in permanent loss and threatened to release the stolen information publicly if negotiations were not initiated.
PPL confirmed a “cybersecurity incident” detected on August 6, stating that internal protocols were activated immediately and select non-critical IT services were suspended to contain the breach. The company maintained that core operational systems remain unaffected and there is currently no indication of compromise to business-critical or sensitive data.
The matter has been reported to law enforcement and regulatory authorities, and forensic investigations are under way with the help of external experts. Authorities and other oil and gas companies have been alerted to the threat.
Cybersecurity experts warn that the attack underscores the vulnerability of critical national infrastructure and the urgent need for enhanced digital defenses across state-owned enterprises.
