fbpx

Colonial Pipeline Ransomware Attack and Shutdown Class Action

In May 2021, the Colonial Pipeline Company was hit with a ransomware attack that locked data in its systems and led to a pipeline shutdown. Colonial quickly paid the ransom, but it took five days to restart the pipeline. This class action brings suit on behalf of the gas stations impacted by the attack, alleging that Colonial failed to take adequate measures to protect the pipeline’s infrastructure. Astonishingly, it also claims that the cybercriminals did not shut the pipeline down; they only locked billing information, it says, and Colonial then shut the pipeline down because it couldn’t be sure who to bill for the gasoline it would’ve been delivering.

The Nationwide Class for this action is all gas stations that experienced a fuel shortage, an increase in the price paid for gasoline, or an inability to sell fuel to their customers as a result of the ransomware attack.

The complaint quotes Wikipedia’s description of the pipeline was being “the largest pipeline system for refined oil products in the US” with a capacity of 3 million barrels, or 100 million gallons, of fuel per day, between Texas and New York. The complaint alleges that Colonial “has a virtual monopoly in its role in gasoline supply for multiple parts of the East Coast…”

Although the ransomware attack began on April 29, the complaint says it was not discovered immediately. On May 7, the criminals locked certain data in the system, although the attack did not reach the pipeline control systems. Colonial then paid the cybercriminals the $4.4 million ransom it demanded by the end of the day, even though the FBI advises ransomware victims not to do so. It took five more days to restart the pipeline.

The end result? The complaint alleges, “The five-day shutdown of the Pipeline resulted in fuel shortages in areas that the Pipeline services, affecting more than 11,000 gas stations and causing a sharp increase in the price of gasoline for automobiles and other motor vehicles and a sharp decrease in convenience store sales.”

According to the complaint, the security lapse in Colonial’s electronic systems that permitted the ransomware attack was “basic and grossly negligent. … In the lead-up to the electronic break-in, [Colonial] had repeatedly ignored and rejected efforts by the applicable regulatory agency to meet with it so as to check on its cybersecurity.”

The complaint alleges that the company “had no plan in place for ransomware attacks and had left up a legacy VPN system without shutting off logins and passwords for old employees—a basic failure according to [Colonial’s] own later-retained experts.”

The complaint makes an astounding accusation, stating that the ransomware attack affected only customer billing information and not the actual pipeline controls: “On information and belief, [Colonial] elected to shut down the pipeline in whole or part not because the threat actor had reached the operational systems, but because [Colonial] was not sure it could continue to accurately bill for the product moving through its Pipeline.”

Article Type: Lawsuit
Topic: News

Most Recent Case Event

Colonial Pipeline Ransomware Attack and Shutdown Complaint

June 21, 2021

In May 2021, the Colonial Pipeline Company was hit with a ransomware attack that locked data in its systems and led to a pipeline shutdown. Colonial quickly paid the ransom, but it took five days to restart the pipeline. This class action brings suit on behalf of the gas stations impacted by the attack, alleging that Colonial failed to take adequate measures to protect the pipeline’s infrastructure. Astonishingly, it also claims that the cybercriminals did not shut the pipeline down; they only locked billing information, it says, and Colonial then shut the pipeline down because it couldn’t be sure who to bill for the gasoline it would’ve been delivering.

Colonial Pipeline Ransomware Attack and Shutdown Complaint

Case Event History

Colonial Pipeline Ransomware Attack and Shutdown Complaint

June 21, 2021

In May 2021, the Colonial Pipeline Company was hit with a ransomware attack that locked data in its systems and led to a pipeline shutdown. Colonial quickly paid the ransom, but it took five days to restart the pipeline. This class action brings suit on behalf of the gas stations impacted by the attack, alleging that Colonial failed to take adequate measures to protect the pipeline’s infrastructure. Astonishingly, it also claims that the cybercriminals did not shut the pipeline down; they only locked billing information, it says, and Colonial then shut the pipeline down because it couldn’t be sure who to bill for the gasoline it would’ve been delivering.

Colonial Pipeline Ransomware Attack and Shutdown Complaint
Tags: Inadequate Cybersecurity