Shell reroutes oil supplies after cyberattack on German firm

Shell RDS-B-N -0.06%decrease said on Tuesday it was rerouting oil supplies to other depots following a cyberattack on two subsidiaries of German logistics firm Marquard & Bahls this week.

The companies, Oiltanking GmbH Group and mineral oil dealer Mabanaft GmbH & Co. KG Group, on Jan. 29 discovered they were hit by an attack that disrupted its IT systems and supply chain, the companies said in a joint statement.

Shell Deutschland GmbH, the oil major’s German subsidiary, was able to “reroute to alternative supply depots for the time being,” a spokesperson said in a statement.

In their joint statement, Oiltanking and Mabanaft said they were working to resolve the issue as quickly as possible and to understand its full scope.

“We are undertaking a thorough investigation, together with external specialists and are collaborating closely with the relevant authorities. All terminals continue to operate safely,” the statement said.

Terminals of Oiltanking Deutschland GmbH & Co. KG, which is a unit of Mabanaft, are operating with limited capacity and have declared force majeure as has Mabanaft Deutschland GmbH & Co. KG for the majority of its inland supply activities in Germany, it added.

Aral, the largest petrol station network in Germany with around 2,300 stations, was supplying its stations from alternative sources in light of the disturbance, a spokesperson for its owner BP Plc said.

“The supply of Aral is currently secure despite the loading halt at Oiltanking,” they said.

Hamburg-based Marquard & Bahls generated sales of €10.5-billion ($11.8-billion) in 2020 and employs around 6,200 people. Its Oiltanking division owns and operates 45 terminals in 20 countries, according to the company.

Germany’s cybersecurity agency said it was offering its expertise.

“I consider this incident to be serious, but not grave,” Arne Schonbohm, president of the Federal Office for Information Security, told a news conference.

“The companies produce 1.6 million litres of fuel oil and 2.1 million litres of fuel per year … It affects 233 fuel stations in northern Germany. It is probably possibly to pay in cash,” he said.

Last year, top U.S. fuel pipeline operator Colonial Pipeline shut its entire network, the source of nearly half of the U.S. East Coast’s fuel supply, after a ransomware attack.

The incident was one of the most disruptive digital operations ever reported. Colonial Pipeline said at the time it paid hackers nearly $5-million to regain access to its systems.

The nature of the attack against Marquard & Bahls was unclear.