Skip to Content

Colonial Pipeline says ransomware attack also led to personal information being stolen

<i>Michael M. Santiago/Getty Images</i><br/>Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10 in Woodbridge
Getty Images
Michael M. Santiago/Getty Images
Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10 in Woodbridge

By Brian Fung, CNN Business

The ransomware attack that forced Colonial Pipeline, one of the largest fuel pipelines in the United States, to go offline this spring also compromised the personal information of nearly 6,000 individuals, a company spokesperson told CNN Business.

The pipeline operator has begun sending data breach notification letters to the 5,810 affected individuals, who are mostly current or former company employees and their family members, the spokesperson said on Monday.

A sample letter dated Aug. 13 and reviewed by CNN Business informs recipients that the hackers gained access to records including names; contact information; birth dates; Social Security, driver’s license and military ID numbers; and health insurance information. The letter was first reported by the cybersecurity news outlet Bleeping Computer and its authenticity was confirmed by the spokesperson.

“Though our pipeline system is now fully operational, we have been hard at work with third-party cybersecurity experts determining what, if any, personal information may have been affected as a result of the attack,” the company spokesperson told CNN Business in a statement. “Based on this review, we learned that an unauthorized party acquired certain personal information in connection with the attack.”

“Colonial Pipeline sincerely appreciates the ongoing support and understanding from our dedicated employees and the public as we worked to thoroughly investigate this incident,” the spokesperson added.

The cyberattack against Colonial Pipeline in May prompted the company to preemptively shut down its fuel distribution operations, leading to widespread shortages at gas stations along the east coast. Colonial paid $4.4 million to the hacking group DarkSide to resolve the incident, though some of that ransom money was later recovered by the authorities.

The Colonial hack was one of a string of recent cybersecurity incidents that have made ransomware a top issue for the US government. The Biden administration has increasingly described the malicious software as a threat to national and economic security as hackers have gone after cash-rich US infrastructure targets.

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Article Topic Follows: CNN - Social Media/Technology

Jump to comments ↓

CNN Newsource

BE PART OF THE CONVERSATION

KION 46 is committed to providing a forum for civil and constructive conversation.

Please keep your comments respectful and relevant. You can review our Community Guidelines by clicking here

If you would like to share a story idea, please submit it here.

Skip to content