Operations at Petróleos de Venezuela SA (PDVSA), Venezuela’s state-owned oil company, have been disrupted by a cyberattack that affected critical systems and delayed production and logistics activities. The incident was confirmed by company officials, who said it impacted information technology infrastructure used to support key operational functions. The disruption also affected client and supplier portals, leading to service interruptions and operational delays across several facilities.
PDVSA said the attack did not alter oil output volumes directly but hindered internal processes and external communications. Company representatives stated that employees encountered system outages at some offices and production sites and that access to certain databases and applications was unavailable while response teams worked to contain the incident. Officials described the situation as serious but noted that core extraction and refining operations continued, albeit with reduced efficiency and slower coordination.
The company attributed the disruption to unauthorised access to parts of its network and said that it has engaged cybersecurity specialists to investigate the incident. Teams are working to restore full functionality while analysing the malware or tools used by the attackers. PDVSA also said it has notified relevant national authorities and is coordinating with them to manage the response and mitigate further impacts.
The attack affected online platforms used by customers and suppliers to manage orders, billing, and logistics. Several service portals remained unavailable for extended periods, forcing some partners to use manual processes or alternative communication channels to maintain business continuity. The company said it provided updates to stakeholders and advised clients of expected restoration timelines as work progressed.
Industry analysts said the incident highlights vulnerabilities in critical infrastructure sectors such as oil and gas, where integration of information technology and operational technology can create broader exposure to cyber threats. They noted that initial disruption to administrative systems can have cascading effects on scheduling, logistics, and decision-making, even when the physical production chain remains intact.
Cybersecurity experts emphasised the importance of preparedness and resilience in industrial environments. They said that incident response plans, network segmentation, and real-time monitoring can reduce the impact of attacks that target corporate systems supporting operations. Regular security assessments and employee training were also cited as key elements of reducing exposure to unauthorised access.
PDVSA’s announcement did not name any specific threat group or motive behind the attack. Venezuelan officials have previously linked cyber operations against critical infrastructure to a range of actors, including criminal organisations and state-sponsored groups, but no attribution has been confirmed in this case. Investigators continue to analyse forensic data to determine how the attackers gained entry and whether data was exfiltrated.
The disruption at PDVSA adds to a broader pattern of cyber incidents affecting energy and industrial sectors worldwide. Government agencies and private firms have increasingly prioritised cybersecurity measures to guard against intrusions that can disrupt operations or compromise sensitive data. Analysts said that information sharing and cross-sector cooperation are important to improve detection and response capabilities.
PDVSA said it will provide further updates as the investigation proceeds and systems are restored. The company reiterated its commitment to maintaining reliable energy supplies and said it is implementing additional protective measures to safeguard against similar incidents in the future.