Hacker stole £700,000 from UK energy company by redirecting payment | TechCrunch

In Brief

British oil and gas company Zephyr Energy says someone stole £700,000 (close to $1 million) from one of its U.S.-based subsidiaries by redirecting a payment meant for a contractor into a hacker-controlled account.

In a regulatory filing with the London Stock Exchange on Thursday, the company said it is “working with the corresponding banks and consultants to attempt to recover the diverted funds.”

While the company did not say how the incident occurred, hackers are known to break into email inboxes or accounting systems and use that access to alter bank account and routing numbers during the process of paying someone or clearing an invoice. Known as business email compromise attacks, the FBI said in its most recent annual report published on internet cybercrime earlier in April that these attacks remain one of the top sources of financial losses, totaling more than $3 billion in victim losses during 2025.

Zephyr says that its incident is contained and that its operations are running normally.

As for the attack itself, the company said it used “industry standard practices” for its tech and payment platforms, but said it has implemented “additional layers of security” following the incident.

A spokesperson for Zephyr did not return an email requesting comment about the incident.

(via The Register)

Related