Edith Hejberg
The hackers reportedly shut down internal access for nearly 20,000 Gazprom IT administrators
Ukraine’s military intelligence agency (HUR) says it has launched a powerful cyberattack on Gazprom, Russia’s state-controlled energy giant. The reported breach disrupted core systems and deleted vast amounts of critical company data.
July 17: The Day the Servers Went Dark
According to HUR, the attack took place on July 17 and specifically targeted systems tied to Gazprom’s operational and administrative functions. Ukrainian sources link these systems to Russia’s war logistics.
Lockout Hits 20,000 System Admins
The hackers reportedly shut down internal access for nearly 20,000 Gazprom IT administrators. With no ability to access key systems, the company was left digitally paralyzed across much of its network.
Nearly 400 Gazprom Subsidiaries Affected
The cyberattack extended far beyond Gazprom’s headquarters. Around 390 subsidiaries including Gazprom Teplo Energo and Gazprom Energozbyt were hit, disrupting regional energy operations.
Contract, Tax, and Licensing Data Deleted
Key business data such as contract files, payment records, and gas delivery schedules were allegedly wiped. HUR claims this includes sensitive financial, legal, and logistical documentation.
Backup Systems Also Erased
In a major blow to recovery efforts, hackers reportedly deleted backup databases. This suggests a deep infiltration and a deliberate strategy to prevent restoration of lost information.
Ukrainian Intelligence Downloads Then Destroys Terabytes
Before wiping systems, hackers allegedly downloaded hundreds of terabytes of data. The stolen files may offer Ukraine rare insights into Russia’s energy infrastructure and resource flows.
Damage to Core Technical Systems
Servers running 1C software, crucial for managing Gazprom’s pipeline operations were compromised. Ukrainian sources say this affected SCADA systems, valves, and pumps used in real-time gas control.
Hardware Rendered Inoperable
In some cases, hackers damaged the BIOS of servers, the foundational layer that allows machines to boot. These systems can’t be restored without hands-on physical intervention.
Ukraine Mocks Russia’s Tech Vulnerabilities
A HUR source mocked Russia’s cyber defenses, sarcastically suggesting that Russian tech teams “swap keyboards for hammers and pliers,” framing the breach as a technological regression.
No Official Comment From Russia
Despite the scale of the reported attack, neither Gazprom nor Russian government agencies have issued statements. Independent verification of the incident remains pending.
