Updates: Halliburton Incurs About $35M in Expenses Related to August 2024 Cyberattack

Summary: Halliburton’s CEO reported that an August cyberattack and Gulf storms impacted the company’s earnings, resulting in a $35 million charge and a 2 cents per share effect on adjusted earnings. Despite these challenges, Halliburton’s financial outlook remains stable, with plans to work closely with customers to recover from the incident.

Threat Actor: RansomHub | RansomHub
Victim: Halliburton | Halliburton

Key Point :

  • The cyberattack led to a $35 million charge and impacted free cash flow due to delayed billing and collections.
  • Halliburton paused its share buyback program while assessing the impact of the intrusion.
  • The company plans to delay the implementation of its SAP S4 project by three to six months, incurring an additional $20 million to $30 million in expenses.
  • Despite the attack, Halliburton’s expectations for free cash flow and cash returned to shareholders remain unchanged.
  • The FBI and CISA had previously warned about the RansomHub threat group, which is suspected to be behind the attack.

Halliburton CEO Jeff Miller said an August cyberattack and storms in the Gulf of Mexico resulted in a 2 cents a share impact on its adjusted earnings due to lost or delayed revenue, during a quarterly conference call with Wall Street analysts. The company reported $35 million in charges directly due to the attack.

The attack impacted free cash flow during the quarter due to delayed billing and collections, Miller said. The company also paused its share buyback program, while the company examined the impact on the intrusion. 

The Houston company is one of the world’s largest providers of oil services. Halliburton’s expectations for free cash flow and cash returned to shareholders remains unchanged. 

Miller thanked company employees for their efforts during the attack and also thanked customers for their support and collaborating closely with the company while it responded to the incident. 

“Our employees maintained operational continuity under challenging conditions, and I celebrate their effort and grit as they work through the event,” Miller said. 

The company reported adjusted net income of $641 million on revenue of $5.7 billion in the third quarter. 

Miller said the attack did not have a material effect on its financial condition or operating results. 

The company does not expect to have significant new expenses related to the incident during the fourth quarter, according to CFO Eric Carre. The free cash flow issue was related to system outages, which impacted the firm’s ability to invoice customers and collect receivables. 

Halliburton plans to work closely with customers to collect, and expects that to happen during the fourth quarter. 

The company previously disclosed the attack, discovered August 21, led it to take certain systems offline. The attack, which led to data theft, is suspected to be related to a threat group called RansomHub, one of the most active in the world this year. 

The FBI and Cybersecurity and Infrastructure Security Agency issued a warning about the group more than two months ago.

Moody’s issued a report in October noting that cybersecurity is an important focus in the oil and gas industry. There are concerns about risk, in part due to high insurance costs. Only 51% of companies in the sector have standalone cyber coverage.

The company said it also completed the implementation of SAP S4 in its first country. However, based on lessons learned, plus the cyber event, it plans to delay the project three to six months and said related expenses will increase by $20 million to $30 million.

Source: https://www.cybersecuritydive.com/news/halliburton-35-million-cyberattack/732397