Portuguese 
English 
Spanish 
5 min of reading 
0 comments 
Claiming to Have Stolen 90 GB of Data From Petrobras Via Provider SA Exploration, the Hacker Group Everest Issues an Ultimatum on the Dark Web, Exposing Weaknesses in the Cyber Security Chain and Reigniting the Debate on the Protection of Strategic Information in the Brazilian Oil Sector, with Uncertain Consequences.
The data from Petrobras would be in two large packages of information extracted after the invasion of SA Exploration’s systems, a company that provides services related to seismic research. While the criminals claim to have gigabytes of sensitive files in hand and reinforce the threat of public leakage, the state-owned company admits only a point exposure of information and denies any direct invasion of its main infrastructure, trying to mitigate image damage.
Petrobras Says It Was a “Point Exposure,” Hackers Call It an Ultimatum
According to the Everest group, the attack was successful and resulted in the extraction of two data sets: a block of 90 GB associated with data from Petrobras and another of 176 GB linked to SA Exploration itself. Among the materials, the criminals claim to have accessed detailed descriptions, screen images, and technical information that would prove the invasion.
The offensive did not occur against the state’s main network, but against the third-party provider, which integrates the chain of oil exploration services. The hackers specifically use this indirect route to increase pressure, publishing an ultimatum on the dark web and demanding that Petrobras make contact to negotiate before the supposed files are disclosed.
-
Oil surged to $115 a barrel due to the war in the Middle East, and diesel in Brazil has already risen to R$ 7.45 per liter, while the United States…
-
Brazilian city bets on the business environment to generate jobs and attract investments in the energy sector — secretary reveals strategy at Macaé Energy 2026.
-
50 viaducts, 4 tunnels, 28 bridges, and 40 kilometers of bike paths: BR-262 in Espírito Santo will receive 8.6 billion reais for the largest engineering project in the state’s history, inspired by the Immigrant Highway in São Paulo.
-
Brazil produces too much clean energy and doesn’t know what to do with it: over 20% of solar and wind capacity was wasted in 2025 while investors flee and 509 renewable generation projects were abandoned in the last year.
In a statement, Petrobras classified the episode as a localized exposure, reinforced that there was no compromise of its central systems, and highlighted that it works with cyber security protocols to protect its operations. Even so, the case gained attention precisely for involving data from Petrobras and one of the most sensitive areas of the business: technical exploration information.
How the Failure in a Provider Exposes the Security Chain
The incident reveals a critical weakness in the digital world: it is not enough to strengthen the security of the main company if partners and suppliers remain vulnerable. In the case of the alleged data from Petrobras, the path used by the criminals would have been the SA Exploration system, which provides services to the state.
When a supplier suffers an attack and has its databases compromised, those exposed are not just that company, but all the clients with whom it works. This explains why the supply chain has become one of the most sensitive links in cyber security in strategic sectors such as oil and gas, energy, telecommunications, and finance.
Beyond the Direct Risk of Leakage, Episodes Like This Can Generate:
- Distrust Among Companies and Business Partners
- Review of Contracts and Demand for More Security Controls
- Delays in Projects That Depend on Confidential Data
- Increased Costs with Audits and Protection Technologies
What Is at Stake With the Data From Petrobras
While Petrobras tries to minimize the impact by classifying the occurrence as isolated, the discussion goes beyond immediate damage. Seismic information and technical data from strategic areas like the Campos Basin have high economic and competitive value. Understanding geological structures and potential reserves in detail can influence investment decisions, auction strategies, and even competitors’ movements.
In this context, possible paths of impact include:
- Exposing Seismic Studies and Mapping of Production Areas
- Leaking Technical Reports That Guide Exploration Decisions
- Using Data by Competitors to Anticipate Moves by the State-Owned Company
- Investors Questioning the Robustness of Information Protection
Even if part of the data from Petrobras in question does not directly involve cutting-edge industrial secrets, the mere fact that a hacker group claims to have access to materials related to oil exploration is enough to raise a red flag in the market and among regulators.
Why the Oil and Gas Sector Has Become a Constant Target
Oil and gas companies deal with three assets that are tempting for digital criminals: highly valuable data, critical infrastructure, and strong geopolitical impact. This makes the sector a frequent target for attacks aimed at:
- Industrial Espionage
- Extortion, with Ransom Demands in Exchange for Not Leaking Data
- Sabotage of Operations or Systems
- Theft of Strategic Information About Reserves and Contracts
With increasing digitalization, sensors, monitoring systems, industrial networks, data analysis platforms, and integration with suppliers create a more efficient environment but also a more exposed one. The more connected the operation, the greater the attack surface and the need for serious governance over who accesses what and from where.
Cyber Security and Suppliers: The Main Lessons from the Attack
The case of the alleged data from Petrobras involving SA Exploration reinforces that the key question has shifted from “Does the company have a firewall and antivirus?” to “Does the company have a comprehensive policy to protect the entire data ecosystem, including partners and subcontractors?”.
Among the lessons that the episode leaves for the sector are:
- Carefully Evaluate the Cyber Security of Suppliers Before Hiring
- Demand Minimum Standards of Protection, Access Logging, and Encryption
- Limit the Volume of Sensitive Data Stored Outside Internal Systems
- Implement Monitoring and Periodic Audits Across the Chain
- Have Clear Incident Response, Communication, and Damage Mitigation Plans
Cyber security has ceased to be a topic just for IT and has become an issue for management, the board, and investors, especially when the topic involves strategic data from a giant like Petrobras.
Quick FAQ About the Data Leakage From Petrobras
What does the hacker group claim to have achieved?
The Everest group claims to have stolen two large packages of information: one with about 90 GB of data from Petrobras and another with 176 GB attributed to SA Exploration, including materials related to seismic research.
Does Petrobras confirm that its systems were breached?
The state-owned company denies any direct invasion of its main infrastructure and mentions a point exposure of data due to the attack on the supplier. The company reinforces that it is working to enhance the security of its information.
Why is the involvement of suppliers so sensitive in this type of case?
Because third-party companies often access strategic systems, files, and projects. When the security of these partners fails, the data of Petrobras or any large company can be affected indirectly, even if the original target is not the main company.
What measures are usually taken after such episodes?
Strengthening access controls, reviewing contracts with suppliers, implementing new layers of protection, technical audits, and revising incident response plans, in addition to communicating with authorities and the market when necessary.
In the end, the case shows that protecting Petrobras’s data also means protecting the entire chain that handles that data, from the first service provider to the last connected system.
And you, what do you think: should attacks that expose strategic data like Petrobras’s data result in harsher penalties for companies that do not adequately control the security of their suppliers?
-
-
-
-
-
11 pessoas reagiram a isso.