According to sources, the company's systems were compromised by a destructive malware designed explicitly for 32-bit NT kernel versions of Microsoft Windows. This malware, known as Shamoon, spread from one infected machine to other networked computers. Once a system was infiltrated, the malware compiled lists of files, relayed them to the attacker, and subsequently deleted them. The virus culminated its attack by overwriting the Master Boot Record (MBR), rendering the infected computer non-operational. The attack was claimed by a group called "Cutting Sword of Justice".
The consequences of the cyber intrusion were significant, deeply affecting the victim's operational capabilities. An estimated 30,000 workstations were impacted, necessitating the company to devote over a week for service restoration. This event had cascading effects on the global market: the company's sudden and vast procurement of hard drives led to a notable hike in their market prices. Additionally, the public faced gasoline shortages as a direct result of the attack.