Crescent Point Energy Hit by RansomHouse Data Leak

Incident Date:

May 10, 2024

World map



Crescent Point Energy Hit by RansomHouse Data Leak


Crescent Point Energy Organization




Calgary, Canada

, Canada

First Reported

May 10, 2024

Ransomware Attack on Crescent Point Energy by RansomHouse


Crescent Point Energy, a leading North American oil producer, recently experienced a data leak that exposed sensitive information. The leaked data included company revenue of 2.4B USD and personal information of 777 employees. The attack has raised concerns about the security measures in place at Crescent Point Energy and the potential impact on the company's operations and reputation. Crescent Point Energy is currently investigating the breach and taking steps to enhance its cybersecurity protocols to prevent future incidents..

Company Standout

Standing out in the Energy sector, Crescent Point Energy is committed to developing high-quality, large resource-in-place assets in Canada and the United States. The company's operations include drilling, well completion, and production activities to extract oil and gas from their properties, emphasizing environmental stewardship and responsible resource development.

About RansomHouse

Emerging in late 2021, RansomHouse is a cybercriminal group that focuses on data theft and extortion rather than encrypting victims' data. Exploiting security vulnerabilities, the group breaches target networks, steals sensitive data, and threatens to publish it on their leak site unless the victim pays the demanded ransom. Portraying itself as a "penetration testing service," RansomHouse offers to provide a detailed report on the vulnerabilities they exploited to coerce victims into paying the ransom.

Targeted Entities

Large enterprises and organizations, including Crescent Point Energy, the Saskatchewan Liquor and Gaming Authority (SLGA) in Canada, AMD, ADATA, and IFX Networks, have been targeted by RansomHouse, impacting the Latin American region significantly.

Operational Tactics

Linked to other ransomware groups like White Rabbit and Hive, RansomHouse operates by exploiting security vulnerabilities, exfiltrating data, and extorting victims for ransom payments to prevent data leaks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.