ENGlobal Corporation, a major contractor in the energy sector and federal government, was locked out of its financial systems for six weeks following a ransomware attack that began on 25 November 2024, the company disclosed in a filing with the US Securities and Exchange Commission (SEC).

The attack disrupted access to key business applications, affecting operational and corporate functions, including financial and reporting systems. However, ENGlobal stated that its systems have been fully restored, and the attackers no longer have access.

The Oklahoma-based company also confirmed that the breach involved unauthorised access to sensitive personal information stored on its IT systems. The company stated that affected individuals will be notified accordingly.

In an earlier SEC filing in December, ENGlobal revealed that the attackers had encrypted data files after gaining access, forcing the company to restrict IT system access and limit operations to essential functions. Despite the disruption, the company does not expect a material financial impact from the incident.

Founded in 1985, ENGlobal specialises in designing and constructing automation and instrumentation systems for commercial and government clients, including the US defence industry. The company reported$6 million in 2024 third-quarter revenue last quarter.

No ransomware group has claimed responsibility for the attack, which caused a longer-than-average outage.