One password allowed hackers to disrupt Colonial Pipeline, CEO tells senators


Joseph Blount JR. President and Chief Executive Officer Colonial Pipeline is sworn in as he attends a hearing to examine threats to critical infrastructure focusing on examining the Colonial Pipeline cyber attack at the U.S. Capitol in Washington U.S. June 8 2021. Andrew Caballero-ReynoldsPool via REUTERS

Joseph Blount, JR., President and Chief Executive Officer, Colonial Pipeline is sworn in as he attends a hearing to examine threats to critical infrastructure, focusing on examining the Colonial Pipeline cyber attack at the U.S. Capitol in Washington, U.S., June 8, 2021. Andrew Caballero-Reynolds/Pool via REUTERS

NEW YORK (Reuters) - The head of Colonial Pipeline told U.S. senators on Tuesday that hackers who launched last month's cyber attack against the company and disrupted fuel supplies to the U.S. Southeast were able to get into the system by stealing a single password.

Colonial Pipeline Chief Executive Joseph Blount told a U.S. Senate committee that the attack occurred using a legacy Virtual Private Network (VPN) system that did not have multifactor authentication in place. That means it could be accessed through a password without a second step such as a text message, a common security safeguard in more recent software.

Unlock 30% Savings on Ad-Free Access Now!

Monthly Plan

RM13.90/month
RM9.73 only

Billed as RM9.73 for the 1st month then RM13.90 thereafters.

Annual Plan

RM12.33/month
RM8.63/month

Billed as RM103.60 for the 1st year then RM148 thereafters.

1 month

Free Trial

For new subscribers only


Cancel anytime. No ads. Auto-renewal. Unlimited access to the web and app. Personalised features. Members rewards.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Others Also Read


All Headlines:

Want to listen to full audio?

Unlock unlimited access to enjoy personalise features on the TheStar.com.my

Already a member? Log In