Pakistan Petroleum Limited Addresses Ransomware Incident

Pakistan Petroleum Limited (PPL), a company involved in oil and gas exploration, has announced that it experienced a ransomware attack targeting specific areas of its IT infrastructure. The intrusion was identified on August 6, 2025. According to the firm, the situation was quickly managed, ensuring that essential systems and private information remained secure.

The exploration and production company communicated this event in a formal notification to the Pakistan Stock Exchange (PSX) this Friday.

PPL stated, “We wish to inform you that Pakistan Petroleum Limited recently encountered a cybersecurity event characterized by a ransomware intrusion aimed at particular components of its IT setup.”

The company mentioned that the event came to light on August 6, 2025, leading to the immediate implementation of PPL’s established cybersecurity procedures.

“The IT and cybersecurity teams, along with external specialists, initiated swift and effective control measures. This included temporarily halting certain non-critical IT services as a safety measure to reduce any possible effects and maintain system integrity,” the statement explained.

PPL reported that the threat was “quickly isolated” due to the company’s established multi-layered cybersecurity system.

“There is no evidence suggesting that vital business or sensitive data has been compromised. Core operating systems are still working properly, without any interruptions,” the company stated.

PPL also revealed that they received a ransomware message from an outside party.

“As per legal obligations, the matter has been communicated to the appropriate regulatory and law enforcement bodies. Investigations are currently underway, in collaboration with these agencies,” the company announced.

The business clarified that there has been no communication with the individuals responsible for the cyberattack.

“Financial operations (payments) were executed manually, and the system was deliberately avoided for transactions during the comprehensive scan,” the statement clarified.

PPL has affirmed its dedication to performing an in-depth forensic examination to strengthen its cyber defenses.

“IT teams have been actively working to securely restore complete system functionality in stages. PPL places the utmost importance on protecting its digital infrastructure and is committed to preserving the confidence of its stakeholders through well-timed actions and proactive cyber risk management,” the firm stated.