Comunicate de presă
Cyberattack on Rompetrol digital infrastructure.
Posted at 07.03.2022, 13:48
Cyberattack on Rompetrol digital infrastructure.

Update 3rd of May

Yesterday, the Fill & Go Manager service registered a series of technical malfunctions, on the background of a cyber-attack of type DDoS (Distributed Denial-of-Service) that affected the external access on the Rompetrol Downstream platform.

During the evening, all targeted attack systems were restored and additional steps were taken to secure and protect access to the Fill & Go platform from customers. We mention that no information was lost and the data on customer accounts (confidential information, supply limits, payments, etc.) were not affected.

At the same time, we would like to point out that following the March 7 first cyber-attack, which was a complex type of malware - ransomware, the company decided, for data protection, the temporary cessation of sites and even for a short period of time, of the Fill & Go service, both for fleets and for individuals.

In line with business priorities, the company has gradually restored its online presence, with priority given to digital platforms used by customers, and corporate sites to be restored this week. At the time of yesterday's cyber-attack, these sites were not public and could not be accessed / affected online.

Update 15th of March

The IT systems operations of the company have been partially restored following the complex ransomware cyber-attack that took place on March 7th.

The internal team of specialists with the support of our collaborators is in the process of completing the restoration of digital platforms within the KMG International Group.

At the moment, the Fill&Go service, both for fleets and for individual clients, is functional in Romania, namely fueling the car by card and ring.

Restoring these systems has been a priority for us, given the impact on the activities of our customers and business partners.

We would like to thank all of them for their patience and understanding of the situation and we can assure you that it is an uninterrupted effort to fully solve the situation.


During this night (6th of March), Rompetrol faced a complex cyber-attack. We are in constant contact with the National Directorate of Cyber Security (DNSC) and fully involved to resolve the situation.

To protect the data, the company has temporarily suspended the operation of the websites and the Fill&Go service, both for the fleets and for the private customers. The activity of Rompetrol gas stations is carried out normally, the customers having at their disposal the option of payment in cash or by bank card.

Also, the operational activity of the Petromidia refinery is not affected.

We apologize for the inconvenience.