Colonial Pipeline told about data breach

by Emma Davis
August 16, 2021
Colonial Pipeline breach
Written by Emma Davis

In May 2021, Colonial Pipeline, the largest pipeline operator in the United States that is responsible for the transportation of fuel, suffered from an attack by the DarkSide ransomware, and now company representatives are reporting a data breach.

We talked about this attack more than once, because this incident forced the authorities to introduce an emergency regime in a number of states and became the very straw that can break the back of a camel: the attention of law enforcement agencies to ransomware has increased, and hacker forums hastened to ban advertising of ransomware.

Colonial Pipeline officials now report that it “recently became known” that during the attack, DarkSide operators could have stolen documents containing personal information of 5,810 people. That said, information ranges from names and contact details to health information and ID.

Back in the spring, information security experts noted that during the attack, hackers managed to steal about 100 GB of data from the company, but this information was not officially confirmed.

Now Bleeping Computer is citing the text of a letter that the company began sending out to victims.

The affected records contained certain personal information, such as name, contact information, date of birth, government-issued ID (such as Social Security, military ID, tax ID, and driver’s license numbers), and health-related information (including health insurance information).Colonial Pipeline reveals in the data breach notification letters.

However, as added by the CEO and president of the pipeline system Joseph A. Blount, Jr., not all information was stolen and not from every company’s client.

Let me remind you that after the attack on the Colonial Pipeline, the DarkSide group hastened to curtail all its operations and went off the grid, and soon the American authorities announced that they had managed to recover most of the ransom that the company had paid to the attackers.

Now cybersecurity experts believe that the new incarnation of DarkSide is the BlackMatter ransomware. This explains some of the limitations listed on the hackers’ site.

So, among other things, the group reports that it is not going to attack “the oil and gas industry (pipelines, oil refineries).” However, representatives of BlackMatter themselves deny any connection with DarkSide, claiming that they were only inspired by the “work of colleagues”.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

View all posts

Leave a Reply

Sending