Colonial Pipeline Co. paid the group that hacked its pipeline a nearly $5 million ransom in untraceable cryptocurrency within hours of the cyberattack, two people familiar with the payment told Bloomberg on Thursday.
The report contradicts Colonial’s public assertion that it did not pay the hacking group DarkSide ransom following the cyberattack. A third person familiar with the ransom said the U.S. government is aware Colonial paid DarkSide, which is believed to be based in Russia or Eastern Europe.
Colonial declined Bloomberg‘s request for comment.
White House officials initially did not say whether Colonial paid ransom, in comments to the press on Monday.
“Typically that’s a private sector decision,” deputy national security advisor for cyber issues Anne Neuberger told reporters. “We recognize that victims of cyberattacks often face a very difficult situation and they have to just balance often the cost-benefit when they have no choice with regards to paying a ransom. Colonial is a private company and we’ll defer information regarding their decision on paying a ransom to them.”
President Biden said he had “no comment” on whether he was briefed on the alleged ransom payment, in comments to reporters on Thursday.
The attack forced Colonial to temporarily shut down much of its services, causing gas shortages and rising prices across the east coast. Colonial transports roughly 45 percent of all fuel consumed on the east coast, providing 2.5 million barrels of fuel per day.
Colonial has since resumed service and is attempting to deliver fuel to gas stations depleted during the shortage.