[MART] - Daily Diary #327 - Colonial Pipelines Ransomware Attack Impacted Personal Information

CTAS-MAT ctas-mat at appgate.com
Mon Aug 16 23:29:38 UTC 2021


I hope everyone is doing well!

Below is the entry for today.

08/16/2021 - Diary entry #327:

The group behind the attacks against Colonial Pipelines in May 2021, Darkside, forced the company to shut down some of their fuel lines (covered on our Daily Diary #259). Now, the Colonial Pipeline stated that they recently learned that the Darkside group was able to steal data containing personal information of 5,810 individuals during their attack.

The leaked data containing name, contact information, government-issued ID and health-related information was accessed by an "unauthorized third-party" during the attack. The company is now notifying the individuals.

After the attack, Darkside announced it was shutting down its operations after its servers were seized and its cryptocurrency wallets cleared. Later, a new ransomware operation emerged as BlackMatter willing to purchase access to corporate networks. Information discovered by security researchers believe that BlackMatter has recruited or was created by affiliates from the ransomware gangs DarkSide and REvil (responsible for the attack on Kaseya).

Kind Regards,


[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>

Felipe Tarijon de Almeida
Malware Analyst

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
O: +55 11 97467 9549

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/mart/attachments/20210816/8364b057/attachment.htm>

More information about the MART mailing list