Colonial Pipeline says ransomware recovery efforts caused network outage for shippers

Recovering from a serious ransomware incident is often a gradual process that includes setbacks.
WOODBINE, MD - MAY 13: In an aerial view, fuel holding tanks are seen at Colonial Pipeline's Dorsey Junction Station. (Photo by Drew Angerer/Getty Images)

The communication system that Colonial Pipeline customers use to request fuel experienced network issues on Tuesday, a result of the company’s efforts to recover from a ransomware attack.

“Our internal server that runs our nomination system experienced intermittent disruptions this morning due to some of the hardening efforts that are ongoing and part of our restoration process,” Colonial Pipeline said in a statement. “These issues were not related to the ransomware or any type of reinfection.”

Shippers told Reuters and Bloomberg News that they were unable to access the communication system, which allows Colonial Pipeline customers to “nominate,” or make formal requests for gasoline and other fuel, and to receive updates on fuel shipments.

Colonial Pipeline said it “continues to deliver refined products as nominated by our shippers.”


“We are working diligently to bring our nomination system back online and will continue to keep our shippers updated,” the company’s statement continued. “The Colonial Pipeline system continues to deliver refined products as nominated by our shippers.”

The network outage comes after a ransomware attack forced Colonial Pipeline to shut down for multiple days. The incident led to shortages at gas stations in multiple states, and to emergency orders from federal agencies to alleviate any fuel shortages. On Monday, more than a week after disclosing the ransomware attack, Colonial Pipeline said it was once again transporting gasoline, diesel and jet fuel at normal levels.

The connectivity issues in the fuel ordering system revealed Tuesday show that recovering from a serious ransomware incident is often a gradual process that includes setbacks.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts