Hackers Breached Colonial Pipeline Using Compromised Password

  • Investigators suspect hackers got password from dark web leak
  • Colonial CEO hopes U.S. goes after criminal hackers abroad

The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack.

Hackers gained entry into the networks of Colonial Pipeline Co. on April 29 through a virtual private network account, which allowed employees to remotely access the company’s computer network, said Charles Carmakal, senior vice president at cybersecurity firm Mandiant, part of FireEye Inc., in an interview. The account was no longer in use at the time of the attack but could still be used to access Colonial’s network, he said.