2024-08-22 HALLIBURTON CO Cybersecurity Incident

Page last updated on September 4, 2024

HALLIBURTON CO initially disclosed a cybersecurity incident in an SEC 8-K filing on 2024-08-22 18:57:32 EDT.

Company Summary

Halliburton Company is an American multinational corporation and the world’s second largest oil service company which is responsible for most of the world’s largest fracking operations. (Source: Wikipedia)

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date: 2024-08-21
Disclosure Date: 2024-08-22
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2024-08-22

HALLIBURTON CO filed an 8-K at 2024-08-22 18:57:32 EDT
Accession Number: 0000045012-24-000049

Item 8.01 Other Events.

On August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems.

When the Company learned of the issue, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity. The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of materiality.

The Company is communicating with its customers and other stakeholders. The Company is following its process-based safety standards for ongoing operations under the Halliburton Management System, and is working to identify any effects of the incident.

8-K filed on 2024-09-03

HALLIBURTON CO filed an 8-K at 2024-09-03 06:01:25 EDT
Accession Number: 0000045012-24-000052

Item 1.05 Material Cybersecurity Incidents.

As previously disclosed in a Current Report on Form 8-K, on August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems.

When it learned of the issue, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and remediate the unauthorized activity. The Company’s response efforts included proactively taking certain systems offline to help protect them and notifying law enforcement. The Company’s ongoing investigation and response include restoration of its systems and assessment of impacted data.

Likewise, the Company has been and is communicating with its customers and other stakeholders regarding the incident. The Company is following its process-based safety standards for ongoing operations under the Halliburton Management System and is working to identify effects of the incident.

The Company continues to provide its products and services to customers globally.

The incident has caused disruptions and limitation of access to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions. The Company believes the unauthorized third party accessed and exfiltrated information from the Company’s systems. The Company is evaluating the nature and scope of the information, and what notifications are required.

The Company has incurred, and may continue to incur, certain expenses related to its response to this incident. As of the date of this Current Report on Form 8-K, the Company believes that the incident has not had, and is not reasonably likely to have, a material impact on the Company’s financial condition or results of operations. The Company remains subject to various risks due to the incident, including the adequacy of processes during the period of disruption, diversion of management’s attention, potential litigation, changes in customer behavior, and regulatory scrutiny.

Company Information