Colonial Pipeline is mailing out breach notifications to almost 6,000 current and former employees saying the company’s data was compromised by the DarkSide ransomware group in May.
The company said that the group gained access to “certain records” that were stored in its systems on May 6.
“The affected records contained certain personal information, such as name, contact information, date of birth, government-issued ID (such as Social Security, military ID, tax ID and driver’s license numbers) and health-related information (including health insurance information). Not all of this information was affected for each impacted individual,” the letter said.
Bloomberg reported in May that the DarkSide group stole almost a hundred GBs of data from the pipeline company.
Colonial Pipeline said it would give affected individuals two years of free identity restoration and credit monitoring services from Experian. It also advised to monitor credit reports for unauthorized activity.
A company official confirmed to CNN Business that the personal information of its customers was lost during the attack.
The attack on the pipeline, which left many parts of the East Coast without fuel for several days, became a wake-up call for the government about how to respond to such incidents. Following the attack on the oil and gas industry, various new regulations have been released.
Colonial was forced to pay a ransom to the DarkSide group in order to secure the supply of fuel.
Due to the increased law enforcement attention, DarkSide disbanded and some members reformed under the new name BlackMatter. The operators behind BlackMatter stated that they would no longer be targeting that kind of critical infrastructure and they “see no sense in attacking them.”