Romania's state-owned pipeline operator, Conpet, recently suffered a cyberattack that targeted its business IT systems and took its official website offline. Despite the digital breach, the company confirmed that its critical transport infrastructure remains fully operational and oil deliveries continue without interruption.

Romania’s national oil pipeline operator, Conpet, recently announced that its business IT infrastructure was targeted by a cyberattack on February 3, 2026. As a state-controlled entity responsible for the country’s entire network of crude oil, condensate, and liquid petroleum pipelines, the company plays a vital role in moving domestic and imported resources to refineries. While the attack managed to disrupt internal business systems and disable the corporate website, the company was quick to clarify the limits of the breach.

The organization emphasized that the incident did not compromise its operational technology, specifically noting that the SCADA and telecommunications systems remained secure. Because these core systems were unaffected, the National Oil Transport System has continued to function at normal parameters. There have been no reported safety issues or delays in the transport of oil and fuel, ensuring that the country's energy supply chain remains stable despite the technical difficulties in the main office.

In response to the detection of the breach, Conpet specialists initiated immediate mitigation protocols to contain the damage. The company is currently collaborating with Romania’s national cybersecurity authorities to conduct a thorough investigation and restore the impacted business servers. To address the legal and criminal aspects of the intrusion, Conpet also filed a formal complaint with the Directorate for Investigating Organized Crime and Terrorism on the same day the attack was discovered.

Despite the company's efforts to manage the situation, external reports have shed more light on the nature of the threat. The Qilin ransomware group recently added Conpet to its data leak site, claiming responsibility for the intrusion. The hackers allege that they successfully exfiltrated one terabyte of sensitive information during the attack. To support these claims, the group published images of stolen data as evidence of the security breach, suggesting a significant data theft occurred alongside the system disruptions.

Conpet maintains that the incident has no bearing on its financial stability or its capacity to fulfill existing contractual obligations with its partners. While the website remains inaccessible and the investigation into the stolen data continues, the operator insists that the primary goal of the business—the safe movement of petroleum products—remains unhindered. The company continues to work toward a full recovery of its digital environment while navigating the challenges posed by the extortion group.

Source: Romania’s National Oil Pipeline Operator Conpet Reports Cyberattack