Colonial Pipeline paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country's largest fuel pipeline, according to two people familiar with the transaction.
The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said US government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company's efforts said.
A representative from Colonial declined to comment.
When Bloomberg asked President Joe Biden if he was briefed on company's ransom payment, the president paused, then said: “I have no comment on that.”
Toshiba unit hacked by DarkSide, to undergo review
A Toshiba unit said it was hacked by the DarkSide ransomware group, overshadowing an announcement of a strategic review for the firm under pressure from activist shareholders to seek out suitors. It added that only a minimal amount of work data had been lost. Reuters
Irish health service shuts IT system amid cyber attack
A Toshiba unit said it was hacked by the DarkSide ransomware group, overshadowing an announcement of a strategic review for the firm under pressure from shareholders to seek out suitors. Only a minimal amount of work data had been lost. Reuters