Class action following ransomware attack on Colonial Pipeline
By Cameron Abbott and Jacqueline Patishman
Last week we posted about a ransomware attack on the American Colonial Pipeline Company. This week, the Company has been hit with a class action alleging that a range of US businesses and consumers suffered loss as a result of Colonial Pipeline’s decision to cut its supply of fuel until the ransomware attack was resolved. Meanwhile, the Company is still not entirely back on track – Colonial’s main website is still offline.
The class action is open to all fuel consumers who were impacted by the closure of the pipeline across the east coast which includes a range of businesses that rely on fuel (such as airlines and trucking companies) as well as ordinary retail consumers.
Reuters reported that 88% of petrol stations were out of fuel in Washington, 65% in North Carolina, while in South Carolina, Georgia and Virginia, just under 50% were without fuel.
One of the points that will be considered in the case is whether Colonial actually needed to close the pipeline – it’s been suggested that the pipeline could have been left open and that the Company could have reversed billed its customers based on estimated usage. The ransomware hack was one of the most disruptive attacks on critical infrastructure that the US has ever experienced and it will be hard to determine whether Colonial’s decision to ‘turn off’ its pipeline was necessary to contain the breach or not.
Colonial has already paid a $US4.4 million (~$5.7m AUD) ransom to the hacking group DarkSide and if this action is successful, it could stand to lose hundreds of millions more. Flow on effects of attacks on critical infrastructure clearly have the potential to seriously damage businesses and the economy generally. Even the cost of defending litigation makes the cost of a security breach much higher than merely paying a ransom.