In response to this incident, the Company initiated an investigation and activated its incident response and management protocols. In addition, the Company deployed the following measures aimed at preventing the public disclosure of the unlawfully extracted information, addressing supervisory actions and/or potential financial costs associated with investigation, remediation, and regulatory compliance, as follows:
a. Immediate revocation of unauthorized access to the compromised digital assets.
b. Blocking of mechanisms associated with the mass download of information.
c. Identification, analysis, and containment of the tactics, techniques, and procedures (TTPs) used by the malicious actor.
d. Filing of a criminal complaint before the
e. Identification of external infrastructures used for the storage or download of information to pursue restriction or blocking actions.
f. Activation of support mechanisms with insurers and specialized capital markets teams to ensure the proper management of the event.
g. Detailed assessment of the downloaded information and determination of its criticality.
h. Enhanced monitoring of the technology infrastructure under critical alert protocols and continuous validation of preventive and detective controls.
As of the date of this report, the Company has not identified any material disruption to its critical operations, production capacity, or essential services; any direct financial impact that would prevent it from continuing to conduct its business activities; or any disclosure of the information subject to the unauthorized access. However, the Company continues to assess the potential exposure of corporate information, which could include confidential, restricted, proprietary, or personal data, as it cannot guarantee that this incident will not have a material adverse effect on the Company's business, reputation, operating results, or financial condition.
This release contains statements that may be considered forward-looking statements within the meaning of Section 27A of the U.S. Securities Act of 1933, as amended, and Section 21E of the U.S. Securities Exchange Act of 1934, as amended. All forward-looking statements, whether made in this release or in future filings or press releases, or orally, address matters that involve risks and uncertainties, including in respect of the Company's prospects for growth and its ongoing access to capital to fund the Company's business plan, among others. Consequently, changes in the following factors, among others, could cause actual results to differ materially from those included in the forward-looking statements: market prices of oil & gas, our exploration, and production activities, market conditions, applicable regulations, the exchange rate, the Company's competitiveness and the performance of Colombia's economy and industry, to mention a few. We do not intend and do not assume any obligation to update these forward-looking statements.
For more information, please contact:
Investor Relations Office
Email:
investors@ecopetrol.com.co
Head of Corporate Communications (Colombia)
Marcela Ulloa
Email:
marcela.ulloa@ecopetrol.com.co
View original content to download multimedia:https://www.prnewswire.com/news-releases/ecopetrol-reports-cybersecurity-incident-302828952.html
SOURCE Ecopetrol S.A.