Oil and Natural Gas Corporation Ltd Company CyberSecurity Posture
http://www.ongcindia.com/
Maharatna ONGC is the largest producer of crude oil and natural gas in India, contributing around 70 per cent of Indian domestic production. The crude oil is the raw material used by downstream companies like IOC, BPCL, HPCL to produce petroleum products like Petrol, Diesel, Kerosene, Naphtha, Cooking Gas-LPG. ONGC is India’s Top Energy Company and ranks 14th among global energy majors (Platts). It is the only Indian company to figure in Fortune’s ‘Most Admired Energy Companies’ list. ONGC ranks 226th overall in Forbes Global 2000. Acclaimed for its Corporate Governance practices, Transparency International has ranked ONGC 26th among the biggest publicly traded global giants. It is most valued public enterprise in India, and one of the highest profit-making and dividend-paying. ONGC has a unique distinction of being a company with in-house service capabilities in all areas of Exploration and Production of oil & gas and related oil-field services. Winner of the Best Employer award, a dedicated team of over 25,000 professionals toil round the clock in challenging locations. ONGC is an integrated energy company with interests in upstream, midstream and downstream sector of the hydrocarbon value chain, renewables, LNG, Power generation, petrochemicals and Value Added Products. ONGC's wholly-owned subsidiary Navratna ONGC Videsh Limited (OVL) is the biggest Indian multinational in the energy space, participating in 32 oil and gas properties in 15 countries. ONGC's subsidiary Mangalore Refinery and Petrochemicals Limited (MRPL) is a Schedule ‘A’ Miniratna, with a single-location refining capacity of 15 million tons per annum. ONGC subsidiary HPCL is a Maharatna CPSE, and has the second largest share of product pipelines in India with a pipeline network of more than 3370 kms for transportation of petroleum products and a vast marketing network consisting of 14 Zonal offices and 133 Regional Offices.
Company Details
oilandnaturalgascorporation
17,753
569,346
211
http://www.ongcindia.com/
0
OIL_3310594
In-progress
ONGCL Risk Score (AI oriented)Between 800 and 849
ONGCL Global Score (TPRM)XXXX
Description: A blowout occurred at Well No RDS 147A in the Rudrasagar oil field, Assam, operated by SK Petro Services on behalf of ONGC. The incident started on June 12 and was capped on June 27. Over 330 families were evacuated, and the state government provided relief and ₹25,000 aid to each affected family. The blowout caused significant concern and required extensive crisis management efforts.
Oil and Natural Gas Corporation Ltd has 17.65% more incidents than the average of same-industry companies with at least one recorded incident.
Oil and Natural Gas Corporation Ltd has 29.87% more incidents than the average of all companies with at least one recorded incident.
Oil and Natural Gas Corporation Ltd reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 1 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
ONGCL cyber incidents detection timeline including parent company and subsidiaries
Maharatna ONGC is the largest producer of crude oil and natural gas in India, contributing around 70 per cent of Indian domestic production. The crude oil is the raw material used by downstream companies like IOC, BPCL, HPCL to produce petroleum products like Petrol, Diesel, Kerosene, Naphtha, Cooking Gas-LPG. ONGC is India’s Top Energy Company and ranks 14th among global energy majors (Platts). It is the only Indian company to figure in Fortune’s ‘Most Admired Energy Companies’ list. ONGC ranks 226th overall in Forbes Global 2000. Acclaimed for its Corporate Governance practices, Transparency International has ranked ONGC 26th among the biggest publicly traded global giants. It is most valued public enterprise in India, and one of the highest profit-making and dividend-paying. ONGC has a unique distinction of being a company with in-house service capabilities in all areas of Exploration and Production of oil & gas and related oil-field services. Winner of the Best Employer award, a dedicated team of over 25,000 professionals toil round the clock in challenging locations. ONGC is an integrated energy company with interests in upstream, midstream and downstream sector of the hydrocarbon value chain, renewables, LNG, Power generation, petrochemicals and Value Added Products. ONGC's wholly-owned subsidiary Navratna ONGC Videsh Limited (OVL) is the biggest Indian multinational in the energy space, participating in 32 oil and gas properties in 15 countries. ONGC's subsidiary Mangalore Refinery and Petrochemicals Limited (MRPL) is a Schedule ‘A’ Miniratna, with a single-location refining capacity of 15 million tons per annum. ONGC subsidiary HPCL is a Maharatna CPSE, and has the second largest share of product pipelines in India with a pipeline network of more than 3370 kms for transportation of petroleum products and a vast marketing network consisting of 14 Zonal offices and 133 Regional Offices.
Valero is an international manufacturer and marketer of transportation fuels and petrochemical products. We are a Fortune 500 company based in San Antonio, Texas, fueled by nearly 10,000 employees and 15 petroleum refineries with a combined throughput capacity of approximately 3.2 million barrels pe
Petróleos de Venezuela S.A. is a Venezuelan state company, began operations on January 1st, 1976 and whose activities are the oil exploration, production, refining, marketing and transportation of Venezuelan oil as well as the orimulsion, chemical, petrochemical businesses and coal. We have the lar
We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the compan
At Repsol, we are at the forefront of the energy sector to build the future of energy with innovation and sustainability. We are a strong multienergy company that creates value in an integrated, diversified, and sustainable way to promote progress in society. We leverage our past experience to be pr
We are a global oil and gas company tasked with an important job—to safely find and deliver energy for the world. We’re experts in what we do—from the well site to the office. Across our operations and activities in 13 countries, we never forget our responsibility to be a great neighbor, and a gre
Baker Hughes (NASDAQ: BKR) is an energy technology company that provides solutions for energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, clea
Our greatest resource is our people. Their ingenuity, creativity and collaboration have met the complex challenges of energy’s past. Together, we’ll take on the future. We support the LinkedIn Terms of Use (User Agreement), and we expect visitors to our page to do the same. We encourage open, liv
PT Pertamina (Persero) is an Indonesian state-owned enterprise, which is engaged in the integrated energy in Indonesia. Established on December 10, 1957, Pertamina had the experiences in upstream, midstream, downstream and renewable energy sectors for more than 50 years. This is the official Link
ОАО Oil and Gas Company «RussNeft» came into existence in September 2002 . The structure of OAO NK “RussNeft” counts 24 upstream enterprises, 2 refineries, its own distribution net of gas filling stations. Geographic reach of “RussNeft” covers 12 regions of Russia and CIS: Khanty-Mansi Autonomous
.png)
OT-designed platform and security services empower industrial organizations to reduce risk, maximize uptime and simplify compliance across...
Discover how IT/OT convergence transforms the oil and gas sector, enhancing efficiency, cost savings and security while mitigating...
Our commitment to audit quality. At EY US, we are bringing our bold vision for the future of audit to life with quality at the center,...
The GCP100 is the first gas chromatograph with built-in cybersecurity on the market; It sets a new standard in cybersecurity and real-time...
Hackers have manipulated critical components at water utilities, oil and gas facilities, and agricultural sites in recent weeks.
New research from Rockwell Automation on pivotal technologies in the oil and gas sector highlights a major transformation as the industry...
Amid significant M&A and technology adoption, cybersecurity must be fit for purpose to safeguard operations and protect the enterprise.
This week Pakistan's National Cyber Emergency Response Team (NCERT) has issued an advisory to 39 key ministries and institutions and warned...
The oil & gas industry faces rising cyber risks. Tailored insurance solutions can address physical and operational tech-related exposures.
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Oil and Natural Gas Corporation Ltd is http://www.ongcindia.com/.
According to Rankiteo, Oil and Natural Gas Corporation Ltd’s AI-generated cybersecurity score is 804, reflecting their Good security posture.
According to Rankiteo, Oil and Natural Gas Corporation Ltd currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Oil and Natural Gas Corporation Ltd is not certified under SOC 2 Type 1.
According to Rankiteo, Oil and Natural Gas Corporation Ltd does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Oil and Natural Gas Corporation Ltd is not listed as GDPR compliant.
According to Rankiteo, Oil and Natural Gas Corporation Ltd does not currently maintain PCI DSS compliance.
According to Rankiteo, Oil and Natural Gas Corporation Ltd is not compliant with HIPAA regulations.
According to Rankiteo,Oil and Natural Gas Corporation Ltd is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Oil and Natural Gas Corporation Ltd operates primarily in the Oil and Gas industry.
Oil and Natural Gas Corporation Ltd employs approximately 17,753 people worldwide.
Oil and Natural Gas Corporation Ltd presently has no subsidiaries across any sectors.
Oil and Natural Gas Corporation Ltd’s official LinkedIn profile has approximately 569,346 followers.
Oil and Natural Gas Corporation Ltd is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
No, Oil and Natural Gas Corporation Ltd does not have a profile on Crunchbase.
Yes, Oil and Natural Gas Corporation Ltd maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/oilandnaturalgascorporation.
As of December 11, 2025, Rankiteo reports that Oil and Natural Gas Corporation Ltd has experienced 1 cybersecurity incidents.
Oil and Natural Gas Corporation Ltd has an estimated 10,531 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with international well control experts, and containment measures with capping the blowout..
Title: ONGC Well Blowout in Assam
Description: Oil and Natural Gas Corporation Limited (ONGC) experienced a well blowout at Well No RDS 147A, Rig No SKP 135, located in the Rudrasagar oil field at Barichuk, Bhatiapar, Sivasagar district in Assam. The blowout occurred on June 12 and was successfully capped on June 27.
Date Detected: 2023-06-12
Date Publicly Disclosed: 2023-06-27
Date Resolved: 2023-06-27
Type: Well Blowout
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
Entity Name: Oil and Natural Gas Corporation Limited (ONGC)
Entity Type: Public Sector Undertaking
Industry: Energy
Location: Sivasagar district, Assam, India
Third Party Assistance: International well control experts
Containment Measures: Capping the blowout
Third-Party Assistance: The company involves third-party assistance in incident response through International well control experts.
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by capping the blowout.
Source: PTI
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: PTI.
Root Causes: Perforation operation for zone transfer on an old, non-producing crude well
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as International well control experts.
Most Recent Incident Detected: The most recent incident detected was on 2023-06-12.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-06-27.
Most Recent Incident Resolved: The most recent incident resolved was on 2023-06-27.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was International well control experts.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Capping the blowout.
Most Recent Source: The most recent source of information about an incident is PTI.
.png)
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid