ENGlobal Corporation, an energy sector contractor, has confirmed that personal information was accessed during a November 2024 ransomware attack. In December 2024, the company stated that some data on its systems had been encrypted in the attack, but did not mention data theft. However, in a new filing with the U.S. Securities and Exchange Commission (SEC), ENGlobal revealed that attackers were able to compromise personal information. The company has not shared details as to how many people were affected and the threat actor behind the ransomware attack. 

Read more: https://www.securityweek.com/englobal-says-personal-information-accessed-in-ransomware-attack/