Colonial Pipeline Breach strongly denied

RANSOMEDVC ransomware group has declared that they successfully infiltrated Colonial Pipeline, the American company operating a significant pipeline system that transports over 100 million gallons of various petroleum products, including gasoline, diesel fuel, and jet fuel, on a daily basis.

In response to the claim the Alpharetta-based company, which delivers about 45% of the gasoline consumed on the East Coast, says data posted online appear to be from a third-party vendor and not originating from within the company itself.

Advertisements

These latest claims surfaced through posts on their dark web blog. The group also shared their claims via their recently launched Telegram channel and their X (previously Twitter) account. RANSOMEDVC is the same group that claimed to have breached Sony during last month

Threat actors publicly shared a file containing 5GB of data, claiming it belongs to Colonial Pipeline. Hackread.com has examined and analyzed this data. While it’s premature to draw definitive conclusions, the files and folders appear to contain a wealth of information, including diagrams, internal documents, leak detection policies, ICS and SCADA-related presentations, as well as photos of employees handling electronic equipment, among other things.

The statement released late Friday reads:

“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party. After working with our security and technology teams, as well as our partners at CISA, we can confirm that there has been no disruption to pipeline operations and our system is secure at this time. Files that were posted online initially appear to be part of a third-party data breach unrelated to Colonial Pipeline.”