PPL contains ransomware attack; core operations remain unaffected

KARACHI: Pakistan Petroleum Limited (PPL) has confirmed it successfully contained a ransomware intrusion targeting parts of its IT infrastructure earlier this week, with no impact on core operational systems or sensitive business data.

According to a company statement to PSX, the incident was detected on August 6, prompting the immediate activation of PPL’s internal cybersecurity protocols. The company’s IT and cybersecurity teams, working alongside external experts, swiftly implemented containment measures — including the temporary suspension of certain non-critical IT services — to protect system integrity and limit any potential impact.

PPL stated that its multi-layered cybersecurity framework allowed the threat to be rapidly isolated. “There is no indication of business-critical or sensitive data being compromised,” the company said, adding that all core operations continued uninterrupted.

The clarification comes amid inaccurate reports circulating on social media. PPL confirmed it had received a ransomware note from an external actor but stressed that no direct contact was made with the hackers. In compliance with legal requirements, the incident was reported to relevant law enforcement and regulatory authorities, with investigations currently under way in coordination with these agencies.

Copyright Business Recorder, 2025