The hackers who shut down Colonial Pipeline on Friday began their cyberattack on America’s largest fuel pipeline operator a day earlier and stole a large amount of data, Bloomberg News reported citing people familiar with the matter.
The attackers are part of a cybercrime group called DarkSide and removed nearly 100 gigabytes of data from Colonial’s network in just two hours on Thursday, Bloomberg reported on Saturday evening, citing two people involved in the company’s investigation.
Colonial did not immediately respond to an email from Reuters requesting comment outside regular U.S. business hours.
Colonial Pipeline shut down its entire network, the source of nearly half of the US east coast’s fuel supply, after a cyberattack involving ransomware. Read more
Our Standards: The Thomson Reuters Trust Principles.