A potential advanced cyberattack on OMV’s IT/OT convergence systems could cause malfunctions and disruptions in essential plant process controls. This may result in incorrect information about production process parameters and could trigger a chain reaction leading to physical accidents with environmental impacts, such as fires, gas leaks, or oil spills. Additionally, depending on the intrusive software, the attack could affect systems hosting confidential and private data, resulting in a data leakage scenario. To mitigate the risk of potential data leakage or loss, OMV employs a mature information security management system, which enhances the security of personal information and protects privacy rights. Both IROs for OMV identified under G1 Cybersecurity are linked to all three OMV divisions (Energy, Fuels & Feedstock, and Chemicals) within our own operations. Furthermore, both these impacts extend to our Upstream and/or Downstream value chain. For details on our material IROs for Cybersecurity, see ESRS 2 General Information.