US regulator suggests $1m fine for Colonial Pipeline due to cyber failures

The US Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) has called on the Colonial Pipeline to receive a $1m fine.

The Colonial Pipeline – which transports 100 million gallons of fuel daily to customers from New York to Texas – was hit by a cyberattack in May 2021. The attack was perpetrated by DarkSide ransomware, and led to states declaring a state of emergency and temporary gas shortages.

Colonial Pipeline paid the cybercriminals for a tool designed to help it recover files that had been encrypted by the ransomware.

According to Security Week, the PHMSA has proposed civil penalties of $986,000 for the operator for what is has described as ‘control room management failures’. The regulator said that ‘failures to adequately plan and prepare for a manual restart and shutdown operation contributed to the national impacts when the pipeline remained out of service after the May 2021 cyberattack’.

Colonial recently told Reuters that the notice issued by the PHMSA is the first step in a multi-step regulatory process and the company is looking forward to working with the regulator.

Copyright © 2022 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.