80/69 Tuesday, February 10, 2026
Conpet, the company responsible for operating Romania’s crude oil and petroleum product pipeline network, has disclosed that it detected a cyberattack on February 3, 2026. The incident affected the company’s business IT infrastructure and temporarily rendered its website unavailable. However, Conpet confirmed that its Operational Technology (OT), including SCADA systems and telecommunications networks, was not impacted. As a result, oil and fuel transportation through the national pipeline system continues to operate normally without safety issues or service disruptions.
Following the detection of the attack, internal specialists immediately implemented containment measures and are coordinating closely with Romania’s cybersecurity authorities to investigate the incident and accelerate the restoration of affected systems. The company has also filed a complaint with the Directorate for Investigating Organized Crime and Terrorism (DIICOT) to initiate legal proceedings. Conpet emphasized that the event has not affected its financial stability.
Although the company has not disclosed technical details of the attack, reports indicate that the Qilin ransomware group added Conpet to its Tor-based data leak site on February 5, 2026, claiming to have stolen approximately one terabyte of sensitive data and releasing sample images as proof. Qilin is currently regarded as one of the more active Ransomware-as-a-Service (RaaS) operations and has previously announced collaborations with DragonForce and LockBit to enhance its attack capabilities. This incident highlights the growing threat landscape facing Romania’s critical infrastructure providers, particularly in the energy sector, where several organizations have previously been targeted by similar attacks.
