Cyber Case Study: Colonial Pipeline Ransomware Attack

In May 2021, the DarkSide gang breached Colonial Pipeline through a compromised VPN password, with no MFA in place, stole 100 GB of data, and deployed ransomware that shut the pipeline down May 7–12, triggering East Coast fuel shortages, price spikes, and emergency declarations. Colonial resumed normal operations May 15 and paid a 75-bitcoin ransom ($4.4M); DOJ later recovered 64 BTC (~$2.4M). Fallout included major recovery costs, reputational damage, unsuccessful lawsuits, and a PHMSA notice with nearly $1M in proposed penalties. Key lessons: harden critical infrastructure, use MFA and network segmentation, maintain and test an incident response plan, report incidents to authorities (per CIRCIA), avoid ransom payments, and carry dedicated cyber insurance.
