Suit charges Colonial Pipeline with negligence

A putative class action suit that charges Colonial Pipeline Co.’s negligence led to the ransomware attack that caused its pipeline to be shut down and to increased gas prices has been filed against the company.

The ransomware hacking that led to the pipeline shutdown “caused substantial disruption to the United States economy and damaged consumers and end-users by way of causing gasoline shortages and exaggerated prices for gasoline in areas affected by the pipeline’s lack of service,” says the lawsuit filed Tuesday in U.S. District Court in Atlanta in Ramon Dickerson v. CDPQ Colonial Partners, L.P. et. al.

Mr. Dickerson is identified as a North Carolina resident who purchased gasoline that cost more than it would have been but for the pipeline’s shutdown.

“Defendant owes a duty to Plaintiff and to the members of the Class to use adequate cybersecurity measures in order to keep the Colonial Pipeline secure and defendant continues to breach this duty by failing to employ reasonable measures to protect its systems (and, thus, the pipeline),” the lawsuit says.

A company spokesman for the Alpharetta, Georgia-based, privately held company said in a statement, “We are aware of this filing, but because it is a pending legal matter we will not provide comment.”

Colonial Pipeline CEO Joseph Blount has admitted to the Wall Street Journal that his company paid a $4.4 million ransom to hackers because executives were unsure how badly its systems were breached or how long it would take to restore the pipeline.