Colonial Pipeline service fully restored after ransomware attack, gas shortage

Fuel from pipeline reaching consumers after days-long shutdown

Gas delivered via Colonial Pipeline Co.’s system is reaching consumers in all the states it serves following a days-long network shutdown, the company announced Saturday.

Markets including Texas, Louisiana, Mississippi, Alabama, Tennessee, Georgia, the Carolinas, Virginia, Maryland, D.C., Delaware, Pennsylvania and New Jersey were all receiving fuel from Colonial Pipeline after its system returned to normal, according to the company.

Colonial restarted its pipeline system, which stretches from Houston to New Jersey, Wednesday afternoon after a ransomware attack forced the company to temporarily shut down the week before. 

"Since that time, we have returned the system to normal operations, delivering millions of gallons per hour to the markets we serve," Colonial tweeted Saturday morning.


The pipeline carries 100 million gallons of fuel daily and accounts for 45% of the fuel used on the East Coast. The shutdown caused gas shortages in areas served by Colonial and prices reportedly hit as high as $6.99 per gallon in Virginia this week.

Colonial reiterated its commitment to safety and keeping its system running in the future. The company said it has spent $1.1 billion on "system integrity and preventative maintenance" in the past five years and increased IT and cybersecurity spending by 50% since appointing a new chief information officer in 2017. 

"We recognize the critical nature of our system to millions of Americans," the company tweeted.

"Colonial has and will continue to put safety and system integrity first and will invest the required resources to maintain safe and reliable operations of our pipeline."


The FBI is investigating the ransomware attack on Colonial,saying that a hacker group called DarkSide believed to be based in Russia was responsible. 

Colonial has said it would not pay the ransom, though Bloomberg reported that the company did pay nearly $5 million to the hackers, citing people familiar with the transaction. 

The high-profile cyberattack seemed to draw more scrutiny than the hackers had hoped for. After putting out a statement claiming that the group is "apolitical," cybersecurity blog Krebs on Security reported that DarkSide had shut down, its web servers were seized and its cryptocurrency accounts were drained.