ENGlobal Corporation Hit by Ransomware Attack, Data Encrypted

ENGlobal Corporation has fallen victim to a ransomware attack that granted perpetrators access to the company’s IT systems, resulting in the encryption of certain data. The attack was discovered on November 25, at which point the company notified the U.S. Securities and Exchange Commission (SEC).

In response, ENGlobal Corporation restricted employee access to its IT infrastructure, maintaining availability only for critical operations. To address the breach, the company initiated an internal investigation and enlisted external cybersecurity experts.

The timeline for fully restoring access to the IT systems remains uncertain, and it is unclear whether the incident will have a significant impact on the company’s financial performance. As of now, no known hacker group has claimed responsibility for the attack.

ENGlobal Corporation specializes in the development and construction of automated control systems for both commercial enterprises and government agencies. Founded in 1985, the company focuses on designing and automating energy sector facilities both within the United States and internationally. During the first nine months of 2024, ENGlobal Corporation reported earnings of $18.4 million, with particular emphasis on automation solutions and tools for the U.S. defense industry.

The attack on ENGlobal Corporation has raised concerns, particularly in light of the recent incident involving Johnson Controls, a major player in building automation. That attack affected developers of fire safety, ventilation, and security systems, drawing the attention of the U.S. Department of Homeland Security. Such breaches have the potential to expose sensitive data, including documents, contracts, and plans for government-critical infrastructure.