Joseph Blount, JR., President and Chief Executive Officer, Colonial Pipeline is sworn in as he attends a hearing to examine threats to critical infrastructure, focusing on examining the Colonial Pipeline cyber attack at the U.S. Capitol in Washington, U.S., June 8, 2021. Andrew Caballero-Reynolds/Pool via REUTERS
NEW YORK (Reuters) - The head of Colonial Pipeline told U.S. senators on Tuesday that hackers who launched last month's cyber attack against the company and disrupted fuel supplies to the U.S. Southeast were able to get into the system by stealing a single password.
Colonial Pipeline Chief Executive Joseph Blount told a U.S. Senate committee that the attack occurred using a legacy Virtual Private Network (VPN) system that did not have multifactor authentication in place. That means it could be accessed through a password without a second step such as a text message, a common security safeguard in more recent software.
Unlock 30% Savings on Ad-Free Access Now!
