Colonial Pipeline CEO admits data stolen in ransomware attack
Jun 08, 2021
Washington [US], June 8 (ANI/Sputnik): Hackers behind last month's ransomware attack on Colonial Pipeline stole multiple data from the company, but it was quickly retrieved, CEO Joseph Blount told a US Senate panel on Tuesday.
"As part of the ransomware note they tell you that they have encrypted information, that they have exfiltrated information. So we knew that they had exfiltrated information," Blount said in a testimony to the US Senate Committee on Homeland Security and Governmental Affairs.
The ransomware attack caused a brief shutdown of the key pipeline transporting fuel to the US East Coast and forced Colonial to pay around $4.4 million to the Darkside hacking group allegedly based in Russia in exchange for encryption tools. More than half of the sum was later retrieved by US law enforcement agencies.
Blount said that hackers stole "a lot of different type of materials" from the company's shared drive.
"The good news is it was retrieved very quickly. It was bright back in. We don't fully understand everything that is in it because where it has been held since it was retrieved. But we have people obviously involved in a combined process who have been looking very closely at that data," he added.
Blount said that the company works on that "very closely" with the FBI which continues the investigation. (ANI/Sputnik)