Colonial Pipeline reports data breach after May ransomware attack
2021-08-16 11:23

Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. The company says that it "recently learned" that DarkSide operators were also able to collect and exfiltrate documents containing personal information of a total of 5,810 individuals during their attack.

"The affected records contained certain personal information, such as name, contact information, date of birth, government-issued ID, and health-related information," Colonial Pipeline reveals in the data breach notification letters.

The DarkSide ransomware gang hit the networks of Colonial Pipeline, which supplies roughly half of all the fuel on the US East Coast, on May 6.

During the incident, DarkSide operators also stole roughly 100GBs of files from breached Colonial Pipeline systems in about two hours, according to sources close to the investigation.

Colonial Pipeline said it was forced to shut down its entire infrastructure to contain the threat after the attack.

Their decision to stop operations came after Colonial Pipeline paid $4.4 million worth of cryptocurrency for a decryptor, most of it later recovered by the FBI.


News URL

https://www.bleepingcomputer.com/news/security/colonial-pipeline-reports-data-breach-after-may-ransomware-attack/