HOS Waiver for Pipeline Cyberattack

With the latest pipeline cyberattack that took place in May, the Federal Motor Carrier Safety Administration issued an emergency declaration to waive the hours-of-service rules for those drivers who are hauling fuel.

The Colonial Pipeline is responsible for the largest pipeline carrying fuel from the Gulf Coast to the Northeast. NBC News reported that it “halted all pipeline operations” following the cyberattack. The group that may be responsible for this attack is known as the Dark Side.

Waiver Effective Date

The HOS Wavier went into effect May 9, 2021, and will be extended until June 8, 2021. The cyberattack disrupted the fuel supply on the East Coast. The waiver is in effect for the following states:

  • Alabama
  • Arkansas
  • District of Columbia
  • Delaware
  • Florida
  • Georgia
  • Kentucky
  • Louisiana
  • Maryland
  • Mississippi
  • New Jersey
  • New York
  • North Carolina
  • Pennsylvania
  • South Carolina
  • Tennessee
  • Texas
  • Virginia

Drivers who are hauling gasoline, diesel, jet fuel, and other refined products are exempt from HOS regulations during this time.

The Effects of the Cyberattack

The GasBuddy app that tracks fuel prices at 150,000 locations in the United States warned drivers against overreacting to this attack. However, on May 9th, GasBuddy posted the following on its website: “Panic buying or hoarding of gasoline will prolong outages and price spikes, making them much worse. It is true that if the pipeline remains out of service into the early part of next week, roughly Tuesday or so, that some gas stations may run low on gasoline. In addition, tank farms that take the gasoline from the pipeline are likely starting to see supply run low, so it is vital that motorists do not overwhelm the system by filling their tanks.”

Many locations around the United States found that people began hoarding gas and filling up unusual items to store gas. The panic buying made many gas stations run out of fuel.

A Statement from the Colonial Pipeline

The Colonial Pipeline released this statement on May 8th:

“On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack. We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems. Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have launched an investigation into the nature and scope of this incident, which is ongoing. We have contacted law enforcement and other federal agencies.

Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”