“We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT system,” the company said in a statement late on Friday.
Earlier in the day, the company reported “network issues,” that allegedly turned out to be a large-scale attack. Colonial said it has recruited an unnamed cybersecurity firm to help tackle the issue, and it has also notified the authorities about the breach.
“Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have already launched an investigation into the nature and scope of this incident, which is ongoing. We have contacted law enforcement and other federal agencies,” the company stated.
Colonial did not provide any further information about the attack and did not say when pipeline operations would be resumed.
“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers,” Colonial stated.
The cyber-attack may cause disruption to fuel supply across the US, given the size of the affected company. Colonial is the largest refined products pipeline operator in the US, transporting some 2.5 million barrels per day of gasoline, diesel, and jet fuel through its vast pipeline network. According to the company, it transports roughly 45% of the fuel supply for the entire US East Coast. RT