INTELLIGENCE
ZERO|TOLERANCE
Intelligence Advisory
zerotolerance.me

Towell Engineering Group RansomHub Exfiltrates 490GB

Sep 2024 · 490GB stolen

Publication Date
2024-09-01
Category
Ransomware
Author
K. Ellabban
Organization
Zero|Tolerance Security Research

Towell Engineering Group: RansomHub Exfiltrates 490GB

In September 2024, RansomHub listed Towell Engineering Group on its dark web leak site after exfiltrating approximately 490 gigabytes of data from the Omani engineering and construction conglomerate. Towell Engineering Group employs 5,001-10,000 people and operates across engineering, construction, and industrial services in Oman and the broader Gulf region. Exfiltrated data included employee PII, payroll records, audit documents, invoices, and internal financial records.

Executive Summary

KEY FACTS

  • WhatRansomHub exfiltrated 490GB of data from Omani engineering conglomerate.
  • WhoTowell Engineering Group employees and business partners in the Gulf region.
  • Data ExposedEmployee PII, payroll records, audit documents, and financial data.
  • OutcomeData listed on RansomHub leak site; PDPL enforcement pending until 2026.
References

SOURCES

Symantec, BleepingComputer, Oman PDPL (Royal Decree 6/2022)

Related Analysis

Related Intelligence

NAMA Group: Clop Ransomware Targets Oman's Electricity Utility
Nov 1, 2025 · Utilities sector
OQ (Oman Oil Company): Termite Ransomware Attack
Nov 2024 · Energy sector
Special Oilfield Services: Double-Hit by LockBit 3.0 & Meow Ransomware
Apr-Aug 2024 · Energy sector
Omrania & Associates: INC Ransom Publishes 4TB of Saudi Critical Infrastructure Drawings
Jan 9, 2026 · 4TB published · Egis subsidiary
Al Bawani: DragonForce Ransomware Exfiltrates 7TB Including Defense Documents
Feb 1, 2025 · $20M ransom
MORE RANSOMWARE →