Ecopetrol Faces Cybersecurity Incident with Data Breach and Extortion Threat

Ecopetrol Faces Cybersecurity Incident with Data Breach and Extortion Threat

First seen 18 Jul 2026, 06:32 UTC DevdiscourseMarkets.FtUk.Finance.Yahoowww.prnewswire.com 85% similarity 54.8

Article Content

Browse articles
ThreatCluster

Ecopetrol S.A., Colombia's state-owned energy company, reported unauthorized access to its digital resources on July 17, 2026. An external actor gained access to cloud-based file storage affecting around 15 subsidiaries, leading to the unauthorized download of data from approximately 3,300 user accounts. The attacker has made extortion demands, threatening to publicly release the stolen data. The company has activated its incident response protocols, including revoking unauthorized access and blocking download mechanisms. A criminal complaint has been filed with the Office of the Attorney General of Colombia. As of now, there is no material disruption to operations or financial impact reported. However, the company is assessing potential exposure of sensitive corporate information.

Key Points: • Ecopetrol reported unauthorized access affecting 3,300 user accounts. • An attempted ransomware attack was blocked by existing cybersecurity measures. • The company has initiated an investigation and filed a criminal complaint.

ThreatCluster AI

Timeline

2026-07-17
Unauthorized access detected at Ecopetrol
Ecopetrol identified unauthorized access to digital resources and an attempted ransomware attack, affecting 15 subsidiaries.
Markets.Ft
2026-07-17
Extortion demands communicated by hacker
The unidentified hacker threatened to publicly disclose the unlawfully extracted data from approximately 3,300 user accounts.
Devdiscourse
2026-07-17
Incident response protocols activated
Ecopetrol initiated its incident response, including revoking unauthorized access and filing a complaint with authorities.
www.prnewswire.com

Community

Browse all →