Cyber Incident Victim: Oil India Limited
Date: Apr 2022
Location: India
Summary
Oil India Limited's headquarters in Assam's Dibrugarh district suffered a cyber attack, prompting the organization to shut down all computers and IT systems at the facility. The incident disrupted operations, leading the company to implement immediate containment measures to mitigate the threat.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 1, 2022, Oil India Limited's registered headquarters in Duliajan, Assam, experienced a confirmed cyber attack that disrupted normal operations. The attack prompted the company to immediately shut down all computers and IT systems at the facility as a containment measure. Located in Dibrugarh district, the headquarters faced significant operational interruptions due to this defensive action. A company spokesman publicly acknowledged the incident on the same day, confirming the cyber attack's occurrence but providing no immediate details about its origin or nature. The shutdown affected standard business processes reliant on computer systems, though the company did not specify which particular operations or departments were most impacted. No information was disclosed regarding whether the attack compromised sensitive data or extended beyond the Duliajan headquarters to other facilities. The response focused on isolation as the primary containment strategy to prevent potential spread within the network.

The incident marked a notable cybersecurity event for India's energy sector, given Oil India Limited's status as a major public sector undertaking in oil and gas exploration. The company did not release further technical details about the attack vector, suspected threat actors, or specific malware involved in the breach. Operational continuity measures were implemented during the system shutdown, though their effectiveness and duration remained unspecified in initial reports. The spokesman's confirmation established the event as a deliberate cyber intrusion rather than a technical failure, distinguishing it from routine IT outages. No immediate claims of responsibility by hacking groups or demands for ransom were reported in connection with the attack. The company's prioritization of system isolation over continued operations reflected a risk-averse approach to potential infrastructure compromise.
