Bloomberg News reported the attack came from a cybercrime group called DarkSide, which stole a large amount of data starting the day before Colonial halted its operations.

Sources tell Reuters that the attack was caused by ransomware software, a type of malware designed to lockdown systems by encrypting data and demanding payment to regain access.

Colonial transports 45% of east coast fuel supply, moving 2.5 million barrels per day through thousands of miles of pipelines.

In a statement, the company said it shut down systems to contain the threat, but did not give further details or say for how long its pipelines would be shut.

Colonial has engaged a third party cyber security firm to launch an investigation and contacted law enforcement and other federal agencies.