Saturday, May 25, 2024

Data Breach Reported By Colonial Pipeline After Ransomware Attack

Colonial Pipeline, the largest pipeline in the United States, fell prey to a ransomware attack in May. The DarkSide ransomware attackers collected and exfiltrated data from the company network. This data contained the personal information of 5810 people, including names, contact info, health details, and ID.

“…The affected records contained certain personal information, such as name, contact information, date of birth, government-issued ID (such as Social Security, military ID, tax ID, and driver’s license numbers), and health-related information (including health insurance information),…” as stated by Colonial Pipeline in the data breach notification letters sent out to the affected individuals.

Not all of the aforementioned information was extracted for every individual; for each person, only some of the listed items were taken.

Colonial Pipeline Shuts Down

The networks of Colonial Pipeline were hit on May 6, 2021. The company, which supplies about half of the fuel consumed on the US East Coast, could not continue to operate. DarkSide operators stole approximately 100GB of data from the company’s networks.

The company realized that its networks were breached on May 7. Shortly after, it took the systems offline to contain the threat.

This shutdown caused the Department of Transportation’s Federal Motor Carrier Safety Administration (FMCSA) to declare a state of emergency, which covered the District of Columbia and 17 states.

Due to such high levels of exposure, the DarkSide group ended its operation very suddenly. The group did not want attention from the US government or exposure in the media. The operations were stopped only after cryptocurrency worth $4.4M was paid for a decryptor. The FBI successfully recovered a majority of it.

The Emergence Of BlackMatter

Within two months, a new ransomware operation emerged. Its operators purchase network access from other attackers to launch attacks against corporate targets. This new ransomware operation is called BlackMatter. Its ransom demands range from $3M to $4M.

Fabian Wosar, Emsisoft CTO and ransomware expert, has discovered that BlackMatter has been using an algorithm used exclusively by DarkSide. The algorithm in question is the Salsa20 encryption algorithm.

It can therefore be concluded that DarkSide has been rebranded as BlackMatter. The group is actively attacking corporate targets. Its operators have also said that they will no longer target the oil and gasoline industry, so as not to attract as much attention.


