Ransomware attack claims against Colonial Pipeline linked to third-party breach

Major U.S. pipeline system Colonial Pipeline has denied having its systems or operations affected by a ransomware attack claimed by the RansomedVC operation, saying that stolen files exposed by the ransomware group were from an unrelated third-party data breach, according to The Record, a news site by cybersecurity firm Recorded Future. No further information regarding the incident, including the third party impacted by the breach or the type of attack, was provided by Colonial Pipeline, but Dragos CEO Rob Lee, who was involved in the response efforts in the 2021 Colonial Pipeline ransomware attack and whose photo was included in the leaked files, noted RansomedVC's claims as false. "PSA: Criminal groups lie. Yes even, and especially, ransomware group ones. Exhausting but pointless," said Lee on X, formerly Twitter. Such claims by RansomedVC come after the ransomware gang purported to compromise U.S. credit agency TransUnion and Japanese multinational conglomerate Sony, as well as targeted a Hawai'i state government site during the past month.