Pakistan Petroleum Limited (PPL) has disclosed a cybersecurity incident involving a ransomware intrusion targeting parts of its IT infrastructure.
The intrusion was detected on August 6, 2025, following which PPL immediately activated its internal cybersecurity protocols.
In a notice sent to the Pakistan Stock Exchange, the company stated that its IT and cybersecurity teams, in collaboration with external experts, took swift containment measures. These included the precautionary suspension of selected non-critical IT services to safeguard system integrity.
PPL confirmed that its multi-layered cybersecurity systems enabled rapid isolation of the threat. There is no evidence of any compromise to business-critical or sensitive data, and core operations remain unaffected.
The company also clarified that a news item circulating on social media carried inaccuracies. While a ransomware note was received, PPL reported the incident to relevant law enforcement and regulatory bodies as required. No contact was made with the perpetrators, and financial transactions were processed manually during the incident as a precautionary measure.
The company is conducting a comprehensive forensic analysis to further strengthen its cyber resilience. IT services are being restored in a secure, phased manner. PPL reiterated its commitment to transparency, digital security, and maintaining the trust of its stakeholders through proactive cyber risk management. – ER News Desk
