Zephyr Energy Hit by Sophisticated Cyberattack, Losing £700K in Diverted Payment
UK-based oil and gas firm Zephyr Energy plc disclosed a cyber incident that resulted in the theft of approximately £700,000 after attackers rerouted a single payment intended for a contractor. The breach targeted one of the company’s American subsidiaries in a "highly sophisticated" attack, redirecting funds to an unauthorized account before the fraud was detected.
Zephyr, which operates in the US Rocky Mountain region, confirmed the incident on Thursday but did not disclose the exact method used. The attack follows a common pattern: intercepting a legitimate transaction and altering payment details to siphon funds. Once identified, the company acted swiftly, engaging law enforcement, banks, and external cybersecurity consultants in an effort to recover the stolen amount. However, the success of these efforts remains uncertain, as tracking and reclaiming funds across multiple accounts is often time-sensitive.
The company emphasized that the breach has been contained, with no disruption to day-to-day operations. External reviews confirmed that its systems were not compromised beyond the payment diversion. While Zephyr has implemented additional security measures, likely including stricter payment verification and supplier bank detail controls, it did not specify the exact enhancements.
Despite the financial loss, Zephyr assured investors that its working capital remains sufficient to cover the impact without affecting ongoing projects. The incident serves as a reminder that cybercriminals can exploit financial processes without directly breaching corporate networks, underscoring the risks of even routine transactions.
Source: https://www.theregister.com/2026/04/09/zephyr_energy_cyberattack/
Zephyr Energy plc cybersecurity rating report: https://www.rankiteo.com/company/zephyr-energy-plc
"id": "ZEP1775745680",
"linkid": "zephyr-energy-plc",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Oil and gas',
'location': 'UK',
'name': 'Zephyr Energy plc',
'type': 'Corporation'},
{'industry': 'Oil and gas',
'location': 'US Rocky Mountain region',
'name': 'American subsidiary of Zephyr Energy',
'type': 'Subsidiary'}],
'attack_vector': 'Interception of legitimate transaction and alteration of '
'payment details',
'description': 'UK-based oil and gas firm Zephyr Energy plc disclosed a cyber '
'incident that resulted in the theft of approximately £700,000 '
'after attackers rerouted a single payment intended for a '
'contractor. The breach targeted one of the company’s American '
"subsidiaries in a 'highly sophisticated' attack, redirecting "
'funds to an unauthorized account before the fraud was '
'detected.',
'impact': {'financial_loss': '£700,000',
'operational_impact': 'No disruption to day-to-day operations'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Cybercriminals can exploit financial processes without '
'directly breaching corporate networks, underscoring the '
'risks of even routine transactions.',
'motivation': 'Financial gain',
'post_incident_analysis': {'corrective_actions': 'Additional security '
'measures including stricter '
'payment verification and '
'supplier bank detail '
'controls',
'root_causes': 'Interception and alteration of '
'payment details'},
'recommendations': 'Implement stricter payment verification and supplier bank '
'detail controls.',
'references': [{'source': 'Zephyr Energy plc disclosure'}],
'response': {'containment_measures': 'Breach contained, no further disruption',
'law_enforcement_notified': 'Yes',
'recovery_measures': 'Engaged banks to recover stolen funds',
'remediation_measures': 'Additional security measures including '
'stricter payment verification and '
'supplier bank detail controls',
'third_party_assistance': 'External cybersecurity consultants'},
'stakeholder_advisories': 'Assured investors that working capital remains '
'sufficient to cover the impact without affecting '
'ongoing projects.',
'title': 'Zephyr Energy Hit by Sophisticated Cyberattack, Losing £700K in '
'Diverted Payment',
'type': 'Payment diversion fraud'}