Over 50% of the top oil and gas companies worldwide suffered data breaches in the past 30 days

A recent Cybernews analysis found that 94% of the world’s top 400 oil and gas companies have suffered at least one data breach to date.

Over 50% of the analyzed oil and gas firms were breached in just the last 30 days.

Moreover, according to the Cybernews Business Digital Index, which grades businesses based on their online security measures, 69% of the companies received a cybersecurity score of D or F, and only 10% achieved an A grade.

“When a company suffers a data breach, customers, partners, and investors may lose confidence in the company’s ability to protect sensitive information. Breaches often involve ransomware or systems being taken offline, which can halt critical operations like drilling, refining, or logistics. Even a short disruption in the oil and gas industry can cost millions and affect global supply chains,” says Vincentas Baubonis, Head of Security Research at Cybernews.

Key research takeaways:

• 94% of the largest oil and gas companies had experienced at least one breach, and over 50% were breached within the last 30 days.
• Nearly 7 in 10 oil and gas companies are in the high-risk category for cybersecurity, with 35% scoring an F and 34% a D.
• Asia-based companies had the lowest average score at 65. Europe and North America followed closely with average scores of 74.
• Credential hygiene is a major weak spot, especially in Asia, where 68% of companies reused previously compromised passwords.
• Email security remains a critical weakness, affecting 48% of organizations worldwide.
• 74% of companies contain insecure configurations in their servers.
• Issues with SSL/TLS configuration were identified in 91% of organizations.
• More than 80% of firms had corporate credentials stolen, while 38% of domains were susceptible to email spoofing attacks.