Petrobras
Company Details
Linkedin ID:
petrobras
Website:
Employees number:
53,942
Number of followers:
3,611,728
NAICS:
211
Industry Type:
Homepage:
petrobras.com.br
IP Addresses:
0
Company ID:
PET_1634199
Scan Status:
In-progress
Petrobras Company CyberSecurity Posture
petrobras.com.br
Nosso propósito é prover energia que assegure prosperidade de forma ética, justa, segura e competitiva. Queremos ser a melhor empresa diversificada e integrada de energia na geração de valor, construindo um mundo mais sustentável, conciliando o foco em óleo e gás com a diversificação em negócios de baixo carbono (inclusive produtos petroquímicos e fertilizantes), sustentabilidade, segurança, respeito ao meio ambiente e atenção total às pessoas. Saiba mais em petrobras.com.br
Petrobras A.I CyberSecurity Scoring
Petrobras Risk Score (AI oriented)Between 750 and 799
Petrobras
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Petrobras Global Score (TPRM)XXXX
Petrobras
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Petrobras Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Petrobras
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The Everest ransomware group claimed a data breach targeting Petrobras, Brazil’s state-owned oil giant, alleging the theft of over **176 GB of seismic navigation data**, with **90+ GB belonging directly to Petrobras**. The compromised files include **highly sensitive technical details**—ship positioning, equipment configurations, hydrophone readings, depth measurements, quality control documents, metadata, and processed reports outlining survey progress and operational conclusions.Seismic surveys are **critical for oil/gas exploration**, requiring massive investments. Competitors gaining access to this data could **replicate Petrobras’ methods, reduce their own costs, or leverage it in contract negotiations**, undermining the company’s competitive edge. The group also targeted **Campos Basin seismic surveys (3D/4D datasets)**, totaling another **90+ GB** with similar sensitive information, including ship coordinates, source depths, and shot pressures.Everest demanded Petrobras contact them via **Tox encrypted messaging within four days**, threatening further action if ignored. The breach poses **strategic risks to Petrobras’ industrial competitiveness and operational security**, with potential long-term financial and reputational damage. The company has not yet publicly responded to the claims.
Petrobras Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Petrobras
Incidents vs Oil and Gas Industry Average (This Year)
Petrobras has 17.65% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Petrobras has 29.87% more incidents than the average of all companies with at least one recorded incident.
Incident Types Petrobras vs Oil and Gas Industry Avg (This Year)
Petrobras reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — Petrobras (X = Date, Y = Severity)
Petrobras cyber incidents detection timeline including parent company and subsidiaries
Petrobras Company Subsidiaries
Nosso propósito é prover energia que assegure prosperidade de forma ética, justa, segura e competitiva. Queremos ser a melhor empresa diversificada e integrada de energia na geração de valor, construindo um mundo mais sustentável, conciliando o foco em óleo e gás com a diversificação em negócios de baixo carbono (inclusive produtos petroquímicos e fertilizantes), sustentabilidade, segurança, respeito ao meio ambiente e atenção total às pessoas. Saiba mais em petrobras.com.br
Loading...
Petrobras Similar Companies
Cameron, a Schlumberger company
Cameron is a SLB company. For updates and information, please follow the main SLB company page on LinkedIn at: https://www.linkedin.com/company/slbglobal/ Cameron, a SLB company, is a leading provider of flow equipment products, systems and services to worldwide oil, gas and process industries. Lev
McDermott International, Ltd
McDermott is a premier provider of engineering and construction solutions to the energy industry. Our customers trust our technology-driven approach—engineered to responsibly harness and transform global energy resources into the products the world needs for now and what’s next. From concept to co
We are one of the world's leading energy producers, and a primary catalyst for Abu Dhabi’s growth and diversification. We operate across the entire hydrocarbon value chain, through a network of fully-integrated businesses, with interests that range from exploration, production, storage, refining a
Aker Solutions delivers integrated solutions, products and services to the global energy industry. We enable low-carbon oil and gas production and develop renewable solutions to meet future energy needs. By combining innovative digital solutions and predictable project execution we accelerate the tr
PETRONAS
Petroliam Nasional Berhad (PETRONAS) is a leading global energy company committed to powering society’s progress in a responsible and sustainable manner. With close to 50,000 employees and a global reach spanning over 100 countries, we are ranked among the world’s largest corporations by revenue in
Equinor
We're Equinor, an international energy company with a proud history. Formerly Statoil, we are 20,000 committed colleagues developing oil, gas, wind and solar energy in more than 30 countries worldwide. We’re the largest operator in Norway, among the world’s largest offshore operators, and a growing
Transocean
Transocean is a leading international provider of offshore contract drilling services for oil and gas wells. The company specializes in technically demanding sectors of the global offshore drilling business, with a particular focus on ultra-deepwater and harsh environment drilling services and opera
ExxonMobil
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions
Halliburton
We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the compan
.png)
Petrobras CyberSecurity News
November 23, 2025 08:00 AM
A hacker group has issued an ultimatum after claiming to have 90 GB of Petrobras data, exposing a flaw in a supplier, raising concerns about weaknesses in the security chain, and pressuring the state-owned company for an immediate response.
The Petrobras data is believed to be contained in two large information packages extracted after the intrusion into the systems of SA...
October 01, 2025 07:00 AM
Petrobras signs R$2,3 billion contract with Elea Digital to operate a strategic data center in Brazil for 17 years
Petrobras has signed a multi-billion dollar contract with Elea Digital to expand strategic data center services in Brazil.
September 04, 2025 07:00 AM
Petrobras return may drop with renewable shift
Investments or partnerships in energy transition projects could alter Petrobras's risk profile and reduce its portfolio return, the company warned.
December 23, 2024 08:00 AM
Brazil Cybersecurity Salaries: What Can You Expect to Earn?
Discover what you can expect to earn in cybersecurity in Brazil. Learn about salaries for all levels and factors influencing pay.
December 23, 2024 08:00 AM
Top Cybersecurity Employers in Brazil: Who's Hiring and What They Look For
Brazil is facing a potential shortage of 800,000 cybersecurity professionals by 2024, creating vast job opportunities.
September 14, 2023 03:42 PM
Petrobras’ Digital Journey with IT-OT-ET Convergence
Pedro Vieira, Manager at Petrobras, recently discussed with ARC how the company is leveraging digital technologies to improve efficiency,...
December 15, 2022 10:17 PM
Paulina Okunytė
Paulina is a journalist who covers breaking news, focusing on science and exclusive cybersecurity research.
June 21, 2022 07:00 AM
E&E News: Brazil's Petrobras CEO resigns amid pressure over prices
ENERGYWIRE | The chief executive of Brazil's state-run oil giant Petrobras resigned yesterday amid political pressure from top lawmakers and...
January 12, 2021 08:00 AM
The Latin American energy sector: How to address cybersecurity
Electric-power and gas companies are vulnerable to cyberattacks, but a structured approach that applies communication, organizational, and process frameworks...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Petrobras CyberSecurity History Information
Official Website of Petrobras
The official website of Petrobras is http://www.petrobras.com.br.
Petrobras’s AI-Generated Cybersecurity Score
According to Rankiteo, Petrobras’s AI-generated cybersecurity score is 752, reflecting their Fair security posture.
How many security badges does Petrobras’ have ?
According to Rankiteo, Petrobras currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Petrobras have SOC 2 Type 1 certification ?
According to Rankiteo, Petrobras is not certified under SOC 2 Type 1.
Does Petrobras have SOC 2 Type 2 certification ?
According to Rankiteo, Petrobras does not hold a SOC 2 Type 2 certification.
Does Petrobras comply with GDPR ?
According to Rankiteo, Petrobras is not listed as GDPR compliant.
Does Petrobras have PCI DSS certification ?
According to Rankiteo, Petrobras does not currently maintain PCI DSS compliance.
Does Petrobras comply with HIPAA ?
According to Rankiteo, Petrobras is not compliant with HIPAA regulations.
Does Petrobras have ISO 27001 certification ?
According to Rankiteo,Petrobras is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Petrobras
Petrobras operates primarily in the Oil and Gas industry.
Number of Employees at Petrobras
Petrobras employs approximately 53,942 people worldwide.
Subsidiaries Owned by Petrobras
Petrobras presently has no subsidiaries across any sectors.
Petrobras’s LinkedIn Followers
Petrobras’s official LinkedIn profile has approximately 3,611,728 followers.
NAICS Classification of Petrobras
Petrobras is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
Petrobras’s Presence on Crunchbase
No, Petrobras does not have a profile on Crunchbase.
Petrobras’s Presence on LinkedIn
Yes, Petrobras maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/petrobras.
Cybersecurity Incidents Involving Petrobras
As of December 11, 2025, Rankiteo reports that Petrobras has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Petrobras has an estimated 10,531 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Petrobras ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Petrobras detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with no public comment as of disclosure, communication strategy with media outreach by hackread.com for statement..
Incident Details
Can you provide details on each incident ?
Title: Everest Ransomware Group Targets Petrobras in Alleged Data Breach Involving Seismic Survey Data
Description: The Everest ransomware group listed two separate entries on its dark web leak site, both targeting Petrobras, a Brazilian state-owned petroleum corporation. The group claims to have stolen over 176 GB of seismic navigation data, including highly sensitive technical information related to Petrobras and its partner firm, SAExploration. The data includes ship positioning, equipment configurations, hydrophone readings, depth measurements, quality control documents, metadata, and processed reports. The group has demanded Petrobras contact them via Tox within four days or face further action. The breach could enable competitors to replicate Petrobras’ methods, lower their own costs, or gain leverage in contract negotiations.
Date Publicly Disclosed: 2025-11-14
Type: data breach
Threat Actor: Everest Ransomware Group
Motivation: financial gaindata exfiltration for competitive advantage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : data breach PET1592215112025
Data Compromised: Seismic navigation data (176 gb total), Ship positioning, Equipment configurations, Hydrophone readings, Depth measurements, Quality control documents, Metadata, Processed reports, 3d/4d seismic survey data (90 gb), Ship coordinates, Source depths, Shot pressures, Equipment alignment, Field survey documentation
Operational Impact: potential replication of Petrobras’ seismic survey methods by competitorslowered costs for competitorsleverage in contract negotiationsstrategic disadvantage in energy sector operations
Brand Reputation Impact: potential damage due to exposure of sensitive industrial datalack of public response may exacerbate reputational harm
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Seismic Navigation Data, Technical Operational Data, 3D/4D Survey Datasets, Quality Control Documents, Metadata, Processed Field Reports and .
Which entities were affected by each incident ?
Incident : data breach PET1592215112025
Entity Name: Petrobras
Entity Type: majority state-owned multinational corporation
Industry: petroleum (oil and gas)
Location: Rio de Janeiro, Brazil
Size: large (multinational)
Incident : data breach PET1592215112025
Entity Name: SAExploration
Entity Type: partner firm
Industry: oil and gas (seismic data services)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : data breach PET1592215112025
Communication Strategy: no public comment as of disclosuremedia outreach by Hackread.com for statement
Data Breach Information
What type of data was compromised in each breach ?
Incident : data breach PET1592215112025
Type of Data Compromised: Seismic navigation data, Technical operational data, 3d/4d survey datasets, Quality control documents, Metadata, Processed field reports
Sensitivity of Data: high (industrial trade secrets, proprietary survey methods, competitive intelligence)
Data Exfiltration: 176 GB total (90 GB directly attributed to Petrobras; additional 90 GB from Campos Basin surveys)
File Types Exposed: databasesdocumentsprocessed reportssurvey progress logsinitial field conclusions
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : data breach PET1592215112025
Ransom Demanded: ['unspecified amount', 'contact via Tox within 4 days']
Ransomware Strain: Everest Ransomware
Data Exfiltration: 176 GB (seismic and survey data)
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Hackread.comDate Accessed: 2025-11-14.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : data breach PET1592215112025
Investigation Status: ongoing (no public confirmation from Petrobras; media outreach pending)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through No Public Comment As Of Disclosure and Media Outreach By Hackread.Com For Statement.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : data breach PET1592215112025
High Value Targets: Seismic Survey Databases, Proprietary Oil/Gas Exploration Data,
Data Sold on Dark Web: Seismic Survey Databases, Proprietary Oil/Gas Exploration Data,
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was ['unspecified amount', 'contact via Tox within 4 days'].
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Everest Ransomware Group.
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-11-14.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were seismic navigation data (176 GB total), ship positioning, equipment configurations, hydrophone readings, depth measurements, quality control documents, metadata, processed reports, 3D/4D seismic survey data (90 GB), ship coordinates, source depths, shot pressures, equipment alignment, field survey documentation and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were seismic navigation data (176 GB total), 3D/4D seismic survey data (90 GB), ship coordinates, metadata, quality control documents, shot pressures, processed reports, hydrophone readings, depth measurements, equipment configurations, field survey documentation, equipment alignment, source depths and ship positioning.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was ['unspecified amount', 'contact via Tox within 4 days'].
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Hackread.com.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing (no public confirmation from Petrobras; media outreach pending).
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=petrobras' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
