Colonial Pipeline Paid Ransomware Hackers $5M Within Hours After the Attack: Report

Colonial Pipeline Co. paid nearly $5 million in untraceable cryptocurrency to Eastern European hackers within hours of a crippling cyberattack that shut down the nation’s largest fuel pipeline, Bloomberg News reported, citing people familiar with the transaction.

The report noted that Colonial, a company that supplies nearly 45% of fuel needs on the U.S. East Coast, paid the ransom on May 7 after it was forced to temporarily freeze its IT systems to isolate the malware infection. Upon receiving their ransom, the hackers provided a decryption key so that Colonial could restore its computer network. However, the key was reportedly “so slow” that Colonial kept using its own backups to help relaunch its network, according to Bloomberg.

Colonial Pipeline’s six-day outage caused gasoline shortages from Virginia to Florida and prompted panic buying in some cities across the United States.

Bloomberg’s report contradicts reports from Reuters and The Washington Post on Wednesday that said Colonial had no plans to pay the ransomware group, which has been identified by the U.S. as members of DarkSide, a ransomware-as-a-service outfit believed to be located in Russia or Eastern Europe.

On Thursday, Colonial said in an update that it “has made substantial progress in safely restarting our pipeline system and can report that product delivery has commenced in a majority of the markets we service.”
