Colonial Pipeline Admits Ransomware Attack Stole Personal Data

Three months after US east coast fuel supplies were crippled in ransomware attack, Colonial Pipeline has admitted personal data was also stolen.

Speaking to CNN, a company spokesperson confirmed that the ransomware attack in May had compromised the personal information of nearly 6,000 individuals.

The problem began on Friday 7 May this year, when a major pipeline (Colonial Pipeline) in the United States was attacked by DarkSide, that resulted in widespread fuel shortages on the US east coast.

Pipeline attack

Indeed, so serious was the attack that the US government engaged emergency powers and US President Joe Biden received “personal briefings” about the cyberattack.

And the attack brought ransomware attacks into the public light and they dominated the face-to-face meeting in June between Biden and Russia’s President Vladimir Putin.

And to make matters worse, the management of Colonial Pipeline paid the DarkSide hackers to restore its systems.

The CEO, Joseph Blount, authorised a ransom payment of $4.4 million (75 Bitcoin).

He said they had authorised the ransom payment, because executives were unsure how badly the cyberattack had breached its systems, and consequently, how long it would take to bring the pipeline back.

Security researchers at London-based Eliptic subsequently identified the Bitcoin digital wallet used by DarkSide to extract ransoms from their victims.

And in June the US DoJ seized 63.7 bitcoins in a ransom recovery.

Stolen data

Besides crippled IT systems at Colonial Pipeline in May, the DarkSide hackers also reportedly stole personal data of thousands of people.

Bleeping Computer first reported that Colonial Pipeline was sending notification letters that it had “recently learned” that DarkSide operators were also able to collect and exfiltrate documents containing personal information of a total of 5,810 individuals during their attack.

The 5,810 people impacted are reported mostly current or former company staff and their family members, a Colonial Pipeline spokesperson told CNN.

The letter explains the hackers reportedly gained access to records including names; contact information; birth dates; social security, driver’s license and military ID numbers; and health insurance information – all of which can be used for future exploits.

“Though our pipeline system is now fully operational, we have been hard at work with third-party cybersecurity experts determining what, if any, personal information may have been affected as a result of the attack,” the company spokesperson told CNN.

“Based on this review, we learned that an unauthorised party acquired certain personal information in connection with the attack,” the spokesperson reportedly said.

“Colonial Pipeline sincerely appreciates the ongoing support and understanding from our dedicated employees and the public as we worked to thoroughly investigate this incident,” the spokesperson concluded.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Tesla Reaches $1 Trillion Valuation

Car maker Tesla now worth at least double that of Toyota, Volkswagen and Ford combined,…

2 hours ago

Australia Funds Telstra Buy Of Digicel Pacific To Thwart China

Strategic blocking? Australian government joins forces with Telstra to acquire Digicel Pacific, after interest from…

3 hours ago

Apple ‘Very Likely’ To Face DoJ Antitrust Lawsuit – Report

Two year investigation by Department of Justice of tech giants has seen acceleration of Apple…

4 hours ago

France Holds Secret Talks With Israel Over NSO Spyware

Top adviser to French President holds talks with Israeli counterpart to discuss NSO spyware allegedly…

5 hours ago

Facebook Making Online Hate Worse, Whistleblower Tells MPs

Frances Haugen answered questions from the UK parliament's Joint Committee on Monday, after cache of…

7 hours ago

Silicon UK In Focus Podcast: Women In Tech

Today we are speaking to Joanne Thurlow, Head of IT for Siemens Energy, Industrial Application…

7 hours ago