PEMEX
Company Details
Linkedin ID:
pemex
Website:
Employees number:
45,054
Number of followers:
259,183
NAICS:
211
Industry Type:
Homepage:
pemex.com
IP Addresses:
0
Company ID:
PEM_1331250
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
PEMEX Vendor Cyber Rating & Cyber Score
pemex.comPetróleos Mexicanos es la mayor empresa de México, el mayor contribuyente fiscal del país, así como una de las empresas más grandes de América Latina. Es de las pocas empresas petroleras del mundo que desarrolla toda la cadena productiva de la industria, desde la exploración, hasta la distribución y comercialización de productos finales, incluyendo la petroquímica. Pemex contribuye el 35% del PEF, en otras palabras aporta 1 de cada 3 pesos para la construcción de escuelas, carreteras y hospitales. La tasa de éxito en exploración en aguas profundas es del 50% siendo superior al estándar internacional. En el 2014 las inversiones fueron por más de 25 mil millones de dólares. Pemex generó más de medio millón de empleos indirectos. Anualmente Pemex invierte cerca de 140 millones de dólares en donativos
PEMEX A.I CyberSecurity Scoring
PEMEX Risk Score (AI oriented)Between 750 and 799
PEMEX
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PEMEX Global Score (TPRM)XXXX
PEMEX
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PEMEX Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
PEMEX
Ransomware
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: Mexico's state-owned oil company, Pemex was targeted in a DoppelPaymer ransomware attack that infected 5% of its computer systems. The attackers encrypted its computer systems and stole data from its servers and demanded 565 bitcoins, or $4,899,295.80 USD as a ransom.
PEMEX Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PEMEX
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for PEMEX in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for PEMEX in 2026.
Incident Types PEMEX vs Oil and Gas Industry Avg (This Year)
No incidents recorded for PEMEX in 2026.
Incident History — PEMEX (X = Date, Y = Severity)
PEMEX cyber incidents detection timeline including parent company and subsidiaries
PEMEX Company Subsidiaries
Petróleos Mexicanos es la mayor empresa de México, el mayor contribuyente fiscal del país, así como una de las empresas más grandes de América Latina. Es de las pocas empresas petroleras del mundo que desarrolla toda la cadena productiva de la industria, desde la exploración, hasta la distribución y comercialización de productos finales, incluyendo la petroquímica. Pemex contribuye el 35% del PEF, en otras palabras aporta 1 de cada 3 pesos para la construcción de escuelas, carreteras y hospitales. La tasa de éxito en exploración en aguas profundas es del 50% siendo superior al estándar internacional. En el 2014 las inversiones fueron por más de 25 mil millones de dólares. Pemex generó más de medio millón de empleos indirectos. Anualmente Pemex invierte cerca de 140 millones de dólares en donativos
Loading...
PEMEX Similar Companies
Equinor
We're Equinor, an international energy company with a proud history. Formerly Statoil, we are 20,000 committed colleagues developing oil, gas, wind and solar energy in more than 30 countries worldwide. We’re the largest operator in Norway, among the world’s largest offshore operators, and a growing
NOV
NOV delivers technology-driven solutions to empower the global energy industry. For more than 150 years, NOV has pioneered innovations that enable its customers to safely produce abundant energy while minimizing environmental impact. The energy industry depends on NOV’s deep expertise and technology
Fortune Global 500 Company, Bharat Petroleum is the second largest Indian Oil Marketing Company and one of the premier integrated energy companies in India, engaged in refining of crude oil and marketing of petroleum products, with a significant presence in the upstream and downstream sectors of the
CB&I is the world’s leading designer and builder of storage facilities, tanks, and terminals. With more than 60,000 structures completed throughout its 135+ year history, CB&I has the global expertise and strategically located operations to provide its customers world-class storage solutions for eve
TotalEnergies
Have you ever thought of offering your skills and expertise to a multinational company? Give your best to better energy and make the commitment with TotalEnergies. With over 500-plus professions in 130 countries, we offer high safety and environmental standards, strong ethical values, an innovatio
Oxy is an international energy company with assets primarily in the United States, the Middle East and North Africa. We are one of the largest oil producers in the U.S., including a leading producer in the Permian and DJ basins, and offshore Gulf of Mexico. Our midstream and marketing segment provid
Halliburton
We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the compan
Shell is a global group of energy and petrochemical companies, employing 96,000 people across 70+ countries. We serve around 1 million commercial and industrial customers, and around 33 million customers daily at our Shell-branded retail service stations. Our purpose is to power progress together b
McDermott International, Ltd
McDermott is a premier provider of engineering and construction solutions to the energy industry. Our customers trust our technology-driven approach—engineered to responsibly harness and transform global energy resources into the products the world needs for now and what’s next. From concept to co
.png)
PEMEX CyberSecurity News
November 04, 2025 08:00 AM
Re-Thinking Cybersecurity
Global cybersecurity spending hit US$215 billion, yet incidents rose 75%, exposing the need for proactive breach containment, says Ilumio.
October 21, 2025 07:00 AM
Pemex pipeline fire in Cactus complex under investigation
The fire in a Pemex pipeline in Chiapas was controlled without compromising supply. 5 soldiers were injured and the origin is being...
September 27, 2025 07:41 PM
Energy reform: The new regulation for the Hydrocarbons Sector in Mexico | Latin America | Global law firm
In compliance with the constitutional reforms published in the Federal Official Gazette on October 31, 2024, and December 20, 2024 (the Constitutional...
July 28, 2025 07:00 AM
Digitalization, Safety Drive Success: ABS
ABS' technical advisory, focusing on regulatory compliance, digital transformation, and sustainable practices, strives for a safer,...
May 19, 2025 07:00 AM
Mexico: Cyber Crimes Likely to Escalate, Threatening National Security and Financial Interests
Mexico faces an escalation of cybercrimes targeting government institutions and key private sector industries, such as financial services,...
May 10, 2025 07:00 AM
Not Just Social Media: How Cartels Are Exploiting The Cyber Space To Expand Their Activities
View of a bullet-riddled wall bearing the initials of the criminal group Cartel Jalisco Nueva Generación Via Getty Images.
January 28, 2025 08:00 AM
Malware Infects Over 570 Mexican Government Computers
A recent cybersecurity investigation detected that over 570 government computers in Mexico have been infected by malware known as infostealers.
August 23, 2024 07:00 AM
Oil and Gas Sector Faces Escalating Cybersecurity Threats
Cyberattacks on critical infrastructure in Latin America have intensified, with the oil, gas, and energy sectors being the most heavily...
July 17, 2024 07:00 AM
Mota-Engil, PEMEX to Build US$1.2 Billion Fertilizer Plant
Construction firm Mota-Engil has signed an agreement with PEMEX to build a fertilizer plant in Veracruz.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PEMEX CyberSecurity History Information
Official Website of PEMEX
The official website of PEMEX is https://www.pemex.com.
PEMEX’s AI-Generated Cybersecurity Score
According to Rankiteo, PEMEX’s AI-generated cybersecurity score is 770, reflecting their Fair security posture.
How many security badges does PEMEX’ have ?
According to Rankiteo, PEMEX currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has PEMEX been affected by any supply chain cyber incidents ?
According to Rankiteo, PEMEX has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does PEMEX have SOC 2 Type 1 certification ?
According to Rankiteo, PEMEX is not certified under SOC 2 Type 1.
Does PEMEX have SOC 2 Type 2 certification ?
According to Rankiteo, PEMEX does not hold a SOC 2 Type 2 certification.
Does PEMEX comply with GDPR ?
According to Rankiteo, PEMEX is not listed as GDPR compliant.
Does PEMEX have PCI DSS certification ?
According to Rankiteo, PEMEX does not currently maintain PCI DSS compliance.
Does PEMEX comply with HIPAA ?
According to Rankiteo, PEMEX is not compliant with HIPAA regulations.
Does PEMEX have ISO 27001 certification ?
According to Rankiteo,PEMEX is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of PEMEX
PEMEX operates primarily in the Oil and Gas industry.
Number of Employees at PEMEX
PEMEX employs approximately 45,054 people worldwide.
Subsidiaries Owned by PEMEX
PEMEX presently has no subsidiaries across any sectors.
PEMEX’s LinkedIn Followers
PEMEX’s official LinkedIn profile has approximately 259,183 followers.
NAICS Classification of PEMEX
PEMEX is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
PEMEX’s Presence on Crunchbase
Yes, PEMEX has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/pemex.
PEMEX’s Presence on LinkedIn
Yes, PEMEX maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/pemex.
Cybersecurity Incidents Involving PEMEX
As of April 03, 2026, Rankiteo reports that PEMEX has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
PEMEX has an estimated 10,825 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at PEMEX ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: DoppelPaymer Ransomware Attack on Pemex
Description: Mexico's state-owned oil company, Pemex was targeted in a DoppelPaymer ransomware attack that infected 5% of its computer systems. The attackers encrypted its computer systems and stole data from its servers and demanded 565 bitcoins, or $4,899,295.80 USD as a ransom.
Type: Ransomware
Attack Vector: DoppelPaymer Ransomware
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware PEM20304622
Systems Affected: 5% of computer systems
Which entities were affected by each incident ?
Incident : Ransomware PEM20304622
Entity Name: Pemex
Entity Type: State-Owned Oil Company
Industry: Energy
Location: Mexico
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware PEM20304622
Data Exfiltration: Data stolen from servers
Data Encryption: Computer systems encrypted
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware PEM20304622
Ransom Demanded: 565 bitcoins, or $4,899,295.80 USD
Ransomware Strain: DoppelPaymer
Data Encryption: Computer systems encrypted
Data Exfiltration: Data stolen from servers
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was 565 bitcoins, or $4,899,295.80 USD.
Impact of the Incidents
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was 565 bitcoins, or $4,899,295.80 USD.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
Description
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
Description
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=pemex' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
