Petro-Canada Gas Stations Face Payment Disruptions Following Suncor Energy Cyberattack

By Greg Tavarez, TMCnet Editor  |  June 27, 2023

Cybersecurity has evolved from a focus on physical security to encompass a wide range of measures and technologies aimed at protecting computer systems, networks and data from unauthorized access, disruption, and damage. The field continues to evolve yearly as new threats and technologies emerge, and the importance of cybersecurity remains paramount in an increasingly digital and interconnected world.

To put into context how big the cybersecurity field is getting, the global cyber security market size is projected to grow from $172.32 billion in 2023 to $424.97 billion in 2030, at a CAGR of 13.8%, according to Fortune Business Insights.

Trends driving the market include the rising number of e-commerce platforms and technological advancements, such as AI, cloud and blockchain. Additionally, e-commerce companies are focused on adopting network security solutions in their IT and electronic security systems.

Still, even with the evolution of cybersecurity and the market seeing a boom, prominent companies have experienced attacks throughout recent years.

There have been numerous prominent breaches in the past that have had significant impacts on individuals, organizations, and even governments. Here are some notable examples:

Yahoo suffered two major data breaches, one in 2013 and another in 2014, compromising the personal information of over 3 billion user accounts. The breaches involved stolen user data including names, email addresses, passwords and security questions, highlighting the importance of robust security measures and incident response.

Equifax experienced a massive data breach that exposed sensitive personal information of approximately 147 million individuals. The compromised data included names, Social Security numbers, birthdates, addresses and, in some cases, driver's license numbers.

More recently, there was one ransomware attack that had wide-ranging consequences for the U.S. That is the ransomware attack on the Colonial Pipeline in 2021. The Colonial Pipeline is a crucial infrastructure system responsible for transporting refined oil products, including gasoline, diesel and jet fuel, along the East Coast of the U.S. It spans over 5,500 miles and supplies nearly half of the fuel consumed on the East Coast.

The attack, which occurred in May 2021, involved a ransomware variant called DarkSide. The hackers infiltrated Colonial Pipeline's computer systems and encrypted their data, demanding a ransom payment in exchange for the decryption key. In response to the attack, Colonial Pipeline made the difficult decision to temporarily halt pipeline operations to prevent further damage and investigate the extent of the breach. The shutdown of the pipeline had immediate and significant implications for the U.S. fuel supply.

The Colonial Pipeline attack highlighted the vulnerabilities of critical infrastructure systems to cyber threats. It served as a wake-up call for the private sector and the government to bolster cybersecurity measures and enhance resilience against such attacks. The incident sparked discussions on the need for increased investment in cybersecurity, improved information sharing between public and private entities and the development of robust incident response plans.

Since then, there hasn’t been an attack on an oil supply company that has had a significant impact on consumers.

Until this month.

Parent company Suncor Energy recently disclosed having suffered a cyberattack preventing its 1,500 Petro-Canada gas stations across Canada from accepting credit card or rewards points.

Well, the attack didn’t shut down an entire pipeline, so it is not on the level of the Colonial Pipeline attack. But it is an inconvenience for consumers who don’t carry cash around as much anymore, resulting in losses for the company.

The company hasn’t provided specific details about the attack, but suspicions rose when Petro-Canada customers took to Twitter (News - Alert) to report that the gas station cannot accept credit cards and customers must pay with cash.

To make matters worse, "Carwash Season Pass" holders are disgruntled because they can’t use their privileges, and customers currently aren't able to log in to their online or app accounts.

"At this time, we are not aware of any evidence that customer, supplier or employee data has been compromised or misused as a result of this situation. While we work to resolve the incident, some transactions with customers and suppliers may be impacted," reads the Suncord press release.

A company the size of Suncor, with annual revenues of $31 billion and more than 18,000 workers, surely would have implemented some of the most stringent cybersecurity measures to prevent any breaches. One would think so especially after seeing what happened to the Colonial Pipeline and the Canadian Centre for Cyber Security’s warning at the start of the year that the oil and gas sector attracts “more than its share” of attention from cybercriminals.

Still, it is difficult to stay ahead of bad actors who are determined and sophisticated.

“We are never going to stay one step ahead of motivated bad actors,” said Carol Volk, EVP, BullWall. “An approach that layers on active attack containment is the new frontier for cybersecurity."

With few details provided from the Suncor Energy press release, people are turning to experts to see what could potentially be happening.

“Although the details of the cyber incident are few, this sounds like a targeted attack against the point-of-sales systems since the organization is unable to accept and process credit/debit card transactions,” said Stephen Gates, Principal Security SME, “If a ransom-related campaign is the culprit, then this may indicate a new attack path and outcome.”

Roy Akerman, co-founder  and CEO of Rezonate, went on to say that “this is an example of how cyber risk has a direct impact on business continuity. Organizations should not invest only in preventative and cyber readiness actions, but also in recovery and response.”

Now to play the waiting game as more information unfolds so everyone can better evaluate what caused the breach as well as the actions taken by Suncor Energy.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]