Colonial Pipeline forgets to mention it already paid $5M Bitcoin to hackers

A padlock on some data to represent the files Colonial Pipeline just unlocked by paying a Bitcoin ransom.

Colonial Pipeline paid $5 million in Bitcoin to its extortionists hours after it halted operations last week, Bloomberg reports.

The news contradicts statements made Wednesday by the fuel company, saying they wouldn’t pay.

  • Hacker crew DarkSide launched a ransomware attack last week on Colonial Pipeline, which provides 45% of gas, diesel, and jet fuel on the East Coast.
  • The company halted operations last Friday to “contain the threat,” triggering a nationwide warning of oil shortages.
  • On Wednesday, media outlets reported the company had no intention of paying a ransom fee — it paid at 17:00 on May 7.

In response, DarkSide has reportedly provided a decryption tool to bring the disabled systems back up.

But while Colonial buried the lede, the national average gas price surged to $3.028 a gallon on Thursday, its highest point in six years.

Colonial paid 75 BTC to get rid of Darkside

Anne Neuberger, the White House’s top cybersecurity official, said in a briefing (via Quartz): “companies are often in a difficult position” when facing a ransomware attack without backed-up data.

Victims often end up paying at least part of the ransom in cases like these, Neuberger commented.

According to crypto researcher JP Koning, DarkSide accepts both Bitcoin and Monero, offering a 10% discount for the latter.

The exact crypto ransom was confirmed by the New York Times. The outlet reported Colonial Pipeline paid 75 BTC ($5 million), citing sources familiar with the transaction.

Prefer to listen to your news? The Protos Podcast delivers the week’s top stories every Friday.

Join our newsletter and get crypto news in your inbox