Colonial faces $1 million fine after ransomware attack

Colonial Pipeline may face a fine of nearly $1 million. After inspection, the regulator finds that the American oil company has probably violated several safety guidelines. Colonial can challenge the fine.

The Pipeline and Hazardous Materials Safety Administration (PHMSA) reports this in a press statement.

Colonial Pipeline CEO Pays $4.4 Million in Ransom

In May 2021, Colonial Pipeline was the news of the day. The petroleum company was the target of a ransomware attack. Hackers penetrated the company’s corporate network and were able to install ransomware. As a result, the oil company was forced to temporarily shut down production.

The attackers also managed to get hold of 100 GB of sensitive company information. They managed to steal names, contact information, dates of birth, copies of identity documents and health data of employees. Financial records, tax bills, insurance papers, reports and audits were also stolen.

Because tens of millions of Americans depend on the petroleum supply, the company decided to pay the hackers $4.4 million in ransom. “I realize it is a controversial decision. I didn’t take that lightly. I didn’t feel comfortable watching the money flow to the perpetrators. I did it in the national interest,” CEO Joseph Blount said in an interview.

Hackers managed to infiltrate network with leaked password

An investigation by cybersecurity company Mandiant showed that the hackers – believed to be members of the Russian hacker group DarkSide – had no access to critical parts of the IT systems. The perpetrators used a password from an employee’s VPN account to infiltrate the company’s network. It was leaked over the dark web. The account was not protected with two-factor authentication (2FA).

Colonial Pipeline restarted production on May 13. In August, the oil company sent 5,810 letters to people whose private information had been stolen. “We take our obligation to protect personal information very seriously and point it out to you so you can take steps to help protect yourself,” the chief executive promised in the letter.

Regulations are there for a reason

The story may have another twist. From January to November 2020, the PHMSA conducted an inspection to study Colonial Pipeline’s procedures and records. This shows that the oil company probably violated various safety regulations. For example, the company did not have a roadmap for manually shutting down and restarting the pipeline system. As a result, the ransomware attack could get so out of hand.

The PHMSA notified Colonial Pipeline of the violations. The regulator believes that a fine of $986,400 is appropriate. “The 2021 Colonial Pipeline incident is a reminder to all of us that it is imperative to comply with regulatory standards designed to mitigate risk to the public,” said PHMSA Deputy Director Tristan Brown.

Colonial Pipeline can challenge the fine and appeal the sanction. Whether the company actually does that is unknown. The oil company has not yet responded to the fine.

Catch up on more articles here

Follow us on Twitter here

Popular

Must read

MORE ON THIS TOPIC:

Related Posts