Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group


Earlier today, the RANSOMEDVC ransomware group claimed to have breached the Colonial Pipeline company and leaked 5GB worth of data, including internal files and photos.

The infamous RANSOMEDVC ransomware group has declared that they successfully infiltrated Colonial Pipeline, the American company operating a significant pipeline system that transports over 100 million gallons of various petroleum products, including gasoline, diesel fuel, and jet fuel, on a daily basis.

What the RANSOMEDVC ransomware group published on their dark web blog (Image credit: Hackread.com)

These latest claims from the RANSOMEDVC group surfaced through posts on their dark web blog. The group also shared their claims via their recently launched Telegram channel and their X (previously Twitter) account. It’s worth noting that RANSOMEDVC is the same group that claimed to have breached Sony Corporation in September 2024.

In correspondence with Hackread.com, the group said that Colonial Pipeline had apparently refused to pay any ransom. However, they did not disclose the size of the alleged stolen data or the ransom amount demanded from the company.

Additionally, RANSOMEDVC publicly shared a file containing 5GB of data, claiming it belongs to Colonial Pipeline. Hackread.com has examined and analyzed this data. While it’s premature to draw definitive conclusions, the files and folders appear to contain a wealth of information, including diagrams, internal documents, leak detection policies, ICS and SCADA-related presentations, as well as photos of employees handling electronic equipment, among other things.

Notably, the photos of employees reveal that their desks feature a “Weekly Status Report” with the Colonial Pipeline logo.

From the leaked files (Image credit: Hackread.com)

However, in an exclusive statement to Hackread.com, Colonial Pipeline has rejected the claims made by the RANSOMEDVC ransomware group and linked the leaked files to “a third-party data breach unrelated to Colonial Pipeline.”

Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party. After working with our…
