"Ransomware Struck Another Pipeline Firm—and 70 GB of Data Leaked"
The ransomware attack against Colonial Pipeline, which led to a rise in gas prices, panic buying, and localized fuel shortages, brought further attention to how dangerous the disruption of the petrochemical pipeline industry could be. It appears that another pipeline-focused business suffered a ransomware attack around the same time when the Colonial Pipeline cyberattack occurred. A group called Xing Team posted 70 GB of files stolen from LineStar Integrity Services, a company based in Houston that sells auditing, compliance, maintenance, and technology services to pipeline customers. The data includes 73,500 emails, accounting files, contracts, nearly 19 GB of software code, 10 GB of human resources files that consist of employee driver's licenses, Social Security cards, and more. While this breach did not disrupt infrastructure like the Colonial Pipeline incident, security researchers warn that the exposure of this data could give hackers a roadmap to target more pipelines. There is concern that the data could include information about the software architecture or physical equipment used by LineStar's pipeline customers. Xing Team has used the rebranded version of Mount Locker ransomware to encrypt victims' files. The group has also used the tactic of threatening to leak unencrypted data to pressure victims into paying. This article continues to discuss the ransomware attack on LineStar, the company's response to the incident, and how this attack could enable follow-on targeting of other pipelines.
Wired reports "Ransomware Struck Another Pipeline Firm—and 70 GB of Data Leaked"