Washington, D.C. -Today, Rep. Carolyn B. Maloney, the Chairwoman of the Committee on Oversight and Reform, sent letters to Colonial Pipeline Company and CNA Financial Corporation requesting documents regarding their decisions to pay ransoms following recent ransomware attacks.
“I am extremely concerned that the decision to pay international criminal actors sets a dangerous precedent that will put an even bigger target on the back of critical infrastructure going forward," wrote Chairwoman Maloney. “Congress needs detailed information about ransom payments made to cybercriminal actors to legislate effectively on cybersecurity and ransomware in the United States."
According to press reports, a Colonial Pipeline employee found a ransom note from hackers on a control-room computer on May 7, 2021. The company paid $4.4 million in ransom. The March 21, 2021, ransomware attack against CNA Financial Corporation, one of the largest insurance companies in the United States, resulted in the company’s decision to pay $40 million to a cybercrime group to regain control of its systems.
Chairwoman Maloney asked for the requested information and documents to be provided to the Committee by June 17, 2021.
