Newpark Resources Hit by Ransomware; Activates cybersecurity response

Texas-based oilfield services provider Newpark Resources has discovered a ransomware attack by an unauthorized party that accessed internal systems. The company activated its cybersecurity response plan and began investigating with third-party consultants to assess and mitigate the threat. However, the ransomware incident disrupted access to some of the company's information systems and business applications, while outage procedures remained in place in production and the field.

“On October 29, 2024, the Company discovered a ransomware cybersecurity incident (“Incident”) in which an unauthorized third party gained access to certain of the Company’s internal information systems,” Newpark Resources disclosed in an SEC filing last week. “Following the discovery, the company activated its cybersecurity response plan and initiated an internal investigation, with the assistance of external consultants, to assess and contain the threat.”

The Newpark filing further states that the incident resulted in disruptions and restrictions on access to certain of the company's information systems and business applications that support aspects of the company's operations and corporate functions, including financial and operational reporting systems. However, the Company's manufacturing and field operations continued in all material respects using established downtime procedures.

“The full extent of the costs and associated impact of the incident, including any future impact on our financial condition and results of operations, has not yet been determined,” Newpark added. “Based on the Company's current knowledge of the facts and circumstances surrounding this incident, the Company believes that this incident is unlikely to have a material impact on the Company's financial condition or results of operations. If the relevant facts and circumstances change materially, the Company will make all necessary disclosures.”

Newpark is a geographically diversified company that delivers the highest quality and reliability in critical infrastructure markets, including power transmission and distribution, oil and gas exploration, pipeline, renewable energy, petrochemical, construction and other industries.

In August, Halliburton, a global provider of services to the energy industry, announced that a cyberattack had forced the company to shut down some of its systems. Typically, such breaches involve unauthorized third-party access, often resulting in service interruptions, system shutdowns, and the activation of incident response plans. At that time, the company activated its cybersecurity response plan and initiated an internal investigation with the assistance of external consultants to assess and remediate the unauthorized activity.

In third-quarter results announced last week, Halliburton said it “recognized a pretax charge of $116 million in the third quarter of 2024 due to severance costs, an impairment of assets held for sale and expenses in the third quarter of 2024.” related to a cybersecurity incident.”, a gain on an investment and other items.”

Jeff Miller, chairman, president and CEO, noted that Halliburton “had a $0.02 per share impact on our adjusted earnings from lost or delayed revenue due to the August cybersecurity event and the Gulf of Mexico storms.”

“While not material in any way, the update shows that cyber incidents are becoming more prominent on the corporate agenda,” wrote Andy Watkin-Child, founding partner at Veritas GRC, in a LinkedIn post. “Because the board is more transparent about the impact of cyber incidents, this is required under the SEC’s cyber rules.”