Friday, February 28, 2025, 3:14PM |  38°
MENU
SECTIONS
OTHER
CLASSIFIEDS
CONTACT US / FAQ
Advertisement
Colonial Pipeline, operator of the nation's largest fuel pipeline, confirmed Wednesday it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal.
1
MORE

Colonial Pipeline confirms it paid $4.4M to hackers

Chris Carlson/Associated Press

Colonial Pipeline confirms it paid $4.4M to hackers

NEW YORK — The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems.

Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything in its power to restart it quickly and safely, and made the decision then to pay the ransom.

“This decision was not made lightly,” but it was one that had to be made, a company spokesman said. “Tens of millions of Americans rely on Colonial — hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public.”

Advertisement

Colonial Pipeline’s CEO, Joseph Blount, told The Wall Street Journal he authorized the payment because the company didn’t know the extent of the damage and wasn’t sure how long it would take to bring the pipeline’s systems back.

The FBI discourages making ransom payments to ransomware attackers, because paying encourages criminal networks around the globe who have hit thousands of businesses and health care systems in the U.S. in the past year alone. But many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.

“I know that’s a highly controversial decision,” Mr. Blount told the Journal. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

“But it was the right thing to do for the country,” he said.

Advertisement

Mr. Blount said Colonial paid the ransom in consultation with experts who previously dealt with the group behind the attacks, DarkSide, which rents out its ransomware to partners to carry out the actual attacks.

Multiple sources had confirmed to The Associated Press that Colonial Pipeline had paid the criminals who committed the cyberattack a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.

A ransom payment of 75 Bitcoin was paid the day after the criminals locked up Colonial’s corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic. Prior to Mr. Robinson’s blog post, two people briefed on the case had confirmed the payment amount to AP.

Mr. Blount told the Journal the attack was discovered around 5:30 a.m. on May 7. It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, D.C., Mr. Blount said. That helped prevent the infection from potentially migrating to the pipeline’s operational controls.

The pipeline system delivers about 45% of the gasoline consumed on the East Coast, and Colonial, which is based in Alpharetta, Ga., halted fuel supplies for nearly a week. That led to panic-buying and shortages at gas stations from Washington, D.C. to Florida.

Colonial restarted its pipeline a week ago, but it took time to resume a full delivery schedule, and the panic-buying led to gasoline shortages. More than 9,500 gas stations were out of fuel on Wednesday, including half of the gas stations in D.C. and 40% of stations in North Carolina, according to Gasbuddy.com, which tracks fuel prices and station outages.

Associated Press Writer Frank Bajak contributed to this report from Boston.

First Published: May 19, 2021, 8:01 p.m.

RELATED
SHOW COMMENTS (6)  
Join the Conversation
Commenting policy | How to Report Abuse
If you would like your comment to be considered for a published letter to the editor, please send it to letters@post-gazette.com. Letters must be under 250 words and may be edited for length and clarity.
Partners
Advertisement
Ohio State quarterback Will Howard passes against Notre Dame during first half of the College Football Playoff national championship game Monday, Jan. 20, 2025, in Atlanta.
1
sports
Steelers NFL draft big board: Best fits at quarterback
Pittsburgh Penguins goaltender Alex Nedeljkovic takes a timeout during the first period of an NHL hockey game against the Washington Capitals in Pittsburgh, Saturday, Feb. 22, 2025.
2
sports
Penguins rally after Alex Nedeljkovic’s outburst, beat the Flyers in overtime
Eagles quarterback Jalen Hurts, center, and teammates run the 'Tush Push' play during an playoff game against the Washington Commanders, Sunday, Jan. 26, 2025, in Philadelphia.
3
sports
Ray Fittipaldo: The Packers are right. The NFL should ban the 'Tush Push'
The 1860s farmhouse at 317 James St. in Verona has a new gray and black color scheme.
4
life
Buying Here: Brooklyn chef snaps up an 1860s farmhouse priced at $230K
Janet Broniecki pushes a cart of bread into a temperature-controlled proofer to let the dough rise before baking. Mancini's  produces 10,000 loaves a day, 7 days a week.
5
life
Iconic Eats: McKees Rocks-based Mancini’s Bakery has been feeding the area since 1926
Colonial Pipeline, operator of the nation's largest fuel pipeline, confirmed Wednesday it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal.  (Chris Carlson/Associated Press)
Chris Carlson/Associated Press
Advertisement
LATEST news
Advertisement
TOP
Email a Story