ENGlobal, a US-based engineering firm providing services to the federal government and critical infrastructure organizations, has confirmed that hackers accessed "sensitive personal information" from its systems during a November 2024 cyberattack. The company disclosed the breach in an updated 8-K filing with the US Securities and Exchange Commission (SEC) on Monday.

The cyberattack, which is believed to be related to ransomware, resulted in the encryption of some of ENGlobal's data files. The company's financial reporting systems and other business applications were offline for approximately six weeks, indicating the severity of the incident. Despite the breach, ENGlobal claims that its operations have been "fully restored" and that the threat actor no longer has access to its IT systems.

Notably, ENGlobal has not yet disclosed the number of individuals affected by the breach or the specific types of data that were accessed. The company has stated that it will notify those affected, but has not provided a timeline for doing so. TechCrunch's requests for additional information have gone unanswered, leaving many questions about the incident still unanswered.

The breach is particularly concerning given ENGlobal's role as a provider of engineering and automation services to critical infrastructure organizations and the federal government. The company's systems and data may contain sensitive information related to national security, public safety, or other critical infrastructure, making the breach a potential risk to these entities.

The incident serves as a reminder of the ongoing threat posed by ransomware attacks, which have become increasingly common in recent years. The attack on ENGlobal highlights the need for organizations, particularly those in critical infrastructure sectors, to prioritize cybersecurity and implement robust measures to prevent and respond to such incidents.

As the investigation into the breach continues, it remains to be seen what steps ENGlobal will take to prevent similar incidents in the future and to ensure the security of its systems and data. The company's response to the breach will be closely watched, and its actions will likely have implications for the broader cybersecurity landscape.

In the meantime, the incident serves as a wake-up call for organizations to re-examine their cybersecurity posture and to take proactive steps to protect against the growing threat of ransomware attacks.