Towell Engineering Group RansomHub Exfiltrates 490GB

Sep 2024 · 490GB stolen

By Karim El Labban · ZERO|TOLERANCE

Towell Engineering Group: RansomHub Exfiltrates 490GB

In September 2024, RansomHub listed Towell Engineering Group on its dark web leak site after exfiltrating approximately 490 gigabytes of data from the Omani engineering and construction conglomerate.

Towell Engineering Group employs 5,001-10,000 people and operates across engineering, construction, and industrial services in Oman and the broader Gulf region. Exfiltrated data included employee PII, payroll records, audit documents, invoices, and internal financial records.

01

KEY FACTS

  • .What: RansomHub exfiltrated 490GB of data from Omani engineering conglomerate.
  • .Who: Towell Engineering Group employees and business partners in the Gulf region.
  • .Data Exposed: Employee PII, payroll records, audit documents, and financial data.
  • .Outcome: Data listed on RansomHub leak site; PDPL enforcement pending until 2026.
02

SOURCES

Symantec, BleepingComputer, Oman PDPL (Royal Decree 6/2022)

RELATED ANALYSIS

Conduent/SafePay: 25M Americans Exposed in 84-Day Ransomware Dwell - Largest US Government Data Breach
Jan 13, 2025 · 25M+ affected · 8.5TB exfiltrated · 84-day dwell
UAE Foils AI-Powered Ransomware Campaign - 200,000 Attacks/Day Intercepted
Feb 18-21, 2026 · 200K/day
University of Mississippi Medical Center: 35 Clinics Shut Down 9 Days by Ransomware
Feb 19 - Mar 2, 2026 · Healthcare
Passaic County, NJ: Medusa Ransomware Disables Government Services for 526,000 Residents
Mar 4, 2026 · 526K residents · $800K ransom
Omrania & Associates: INC Ransom Publishes 4TB of Saudi Critical Infrastructure Drawings
Jan 9, 2026 · 4TB published · Egis subsidiary
MORE RANSOMWARE →