Tech
Romanian oil pipeline operator Conpet discloses cyberattack
Conpet, Romania’s national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company’s website on Tuesday.
Conpet operates nearly 4,000 kilometers of pipeline network, supplying domestic and imported crude oil and derivatives, including gasoline and liquid ethane, to refineries nationwide.
In a Wednesday press release, the company said the incident affected its corporate IT infrastructure but didn’t disrupt its operations or its ability to fulfill its contractual obligations.
Conpet added that the cyberattack also took down its website and that it’s now investigating the incident and restoring affected systems with the help of national cybersecurity authorities.
The pipeline operator has also notified the Directorate for Investigating Organized Crime and Terrorism (DIICOT) and filed a criminal complaint regarding the incident.
“We note that the operational technologies (SCADA System and Telecommunications System) were not affected, so the company’s core business, consisting of the transport of crude oil and gasoline through the National Oil Transport System, is operating normally and there are no disruptions in its operation,” it said. “As a result of this incident, the company’s website www.conpet.ro cannot be accessed during this period.”
While the company has yet to disclose the nature of the cyberattack, the Qilin ransomware gang has claimed responsibility and added Conpet to their dark web leak site earlier today.
The threat actors also claim they’ve stolen nearly 1TB of documents from Conpet’s compromised systems and leaked over a dozen photos of internal documents containing financial information and passport scans as proof of the breach.
Qilin emerged in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name. Over the last four years, it has claimed responsibility for nearly 400 victims, including high-profile organizations such as Nissan, Japanese beer company Asahi, publishing giant Lee Enterprises, pathology services provider Synnovis, and Australia’s Court Services Victoria.
BleepingComputer reached out to Conpet with questions about the incident, but a response was not immediately available.
This cyberattack follows ransomware attacks on Romanian Waters (Romania’s water management authority) and Oltenia Energy Complex (the country’s largest coal-based energy producer) in December.
In December 2024, Electrica Group (a major Romanian electricity supplier and distributor) was also breached in a Lynx ransomware attack, while over 100 Romanian hospitals were knocked offline in February 2024 after a Backmydata ransomware attack took down their healthcare management systems.
Modern IT infrastructure moves faster than manual workflows can handle.
In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.