Colonial Pipeline Reportedly Admits Data Breach

Colonial Pipeline has reportedly admitted that nearly 6000 individuals may have had their personal information compromised by ransomware attackers when they struck earlier this year.

The fuel pipeline operator, which was crippled by the attack in May, confirmed to CNN Business that it had begun sending out breach notification letters to 5810 victims. Most of those affected are thought to be current and former employees and family members.

The compromised information is thought to include names, contact information, birth dates, Social Security numbers, driver’s license details, military ID numbers, and health insurance information.

Speaking to the news channel, a spokesperson from the critical infrastructure operation thanked employees and the public for their understanding as it continues to work through the incident.

“Though our pipeline system is now fully operational, we have been hard at work with third-party cybersecurity experts determining what, if any, personal information may have been affected as a result of the attack,” they added in a statement.

“Based on this review, we learned that an unauthorized party acquired certain personal information in connection with the attack.”

The May ransomware attack forced one of the biggest fuel pipelines in the US offline for several days, pushing prices up and hardening the Biden administration’s stance on cyber-criminals operating from Eastern Europe.

The DarkSide gang, thought to have been responsible for the malware, soon appeared to disband due to the extra scrutiny from the US government.

Since the attack, ransomware has gained the attention of heads of state across the globe and has led to sharp words from Washington, NATO and the G7 directed at Russia, which is thought to turn a blind eye to attackers operating from within its borders.

Data exfiltration is now a common tactic for ransomware actors looking to increase the chances that victim organizations pay up following an attack. According to Coveware, 81% of raids in Q2 2021 involved the threat to leak stolen data, up 5% from the previous quarter.
