US pipeline giant Colonial Pipeline is now informing nearly 6,000 customers that the DarkSide ransomware gang, who targeted the company in May with serious consequences, also stole their personal data records.
Colonial Pipeline appeared in the headlines of news portals around the world this year after a powerful ransomware attack forced it to shut operations, crippling fuel supplies across the US East Coast. The company later paid as much as $4.4 million in ransom to the DarkSide ransomware gang, aside from incurring major expenses in remediation efforts.
After the ransom amount was paid, CEO Joe Blount told NPR that paying the hackers was the right thing to do as the company’s foremost priority was to restore operations as quickly as possible.
“So once we identified the risk and contained the risk by shutting the pipeline system down and immediately called in cyber experts to help us with identifying further what had been done to our system, one of the things that came up, ultimately, was the ransom and whether to pay the ransom or not.
“And if owning that de-encryption tool gets you there quicker, then it’s the decision that had to be made. And I did make that decision that day. It was the right decision to make for the country,” he said.
It now turns out that disruption of operations and financial loss weren’t the only setbacks the company suffered in the aftermath of the ransomware attack. Colonial Pipeline told CNN Business this week that the ransomware actors managed to steal the personal information of 5,810 individuals as well. The stolen information included names, dates of birth, social security numbers, contact details, driver’s licences, health insurance data, and military ID numbers.
“Though our pipeline system is now fully operational, we have been hard at work with third-party cybersecurity experts determining what, if any, personal information may have been affected as a result of the attack,” a spokesperson told CNN Business.
“Based on this review, we learned that an unauthorized party acquired certain personal information in connection with the attack. Colonial Pipeline sincerely appreciates the ongoing support and understanding from our dedicated employees and the public as we worked to thoroughly investigate this incident.”