What they're not telling you: # US Officials Suspect Iran Has Breached Gas Station Tank Monitoring Systems Across Multiple States Without Triggering Alarms The U.S. government suspects Iranian hackers have compromised automatic tank gauge (ATG) systems monitoring fuel storage at gas stations nationwide, exploiting unprotected networks to access equipment that controls critical safety infrastructure. According to multiple sources briefed on the investigation, the hackers successfully penetrated systems that lacked basic password protection, gaining the ability to manipulate display readings—though not actual fuel levels—at stations across multiple states.

Jordan Calloway
The Take
Jordan Calloway · Government Secrets & FOIA

# THE TAKE: Big Oil's Security Theater While Your Credit Card Bleeds The "shocking" tank reader breach? Stop. This isn't news—it's *confirmation* of what security researchers have screamed into the void for five years. ICS-CERT warnings on Veeder-Root and Wayne systems date back to 2019. Shell, Chevron, Exxon collectively spent *billions* on stock buybacks while leaving critical infrastructure running on default passwords. Major operators knowingly deprioritized firmware patches because downtime costs money. Document it: CVE-2019-14490. Unfixed. Still exploited. The real story mainstream outlets buried? Major retailers *knew* about vulnerabilities and didn't disclose breach timelines to regulators. That's not incompetence—that's negligent cost-benefit calculation. Your payment data was worth less to them than a quarterly earnings miss. Don't call it a breach. Call it what it is: negligent corporate triage.

What the Documents Show

What makes this breach particularly alarming is not what happened, but what *could* happen: a compromised ATG system could theoretically allow hackers to mask a fuel leak, creating dangerous conditions that station operators and safety systems would fail to detect. The breaches themselves have caused no confirmed physical damage or harm, yet they expose a vulnerability that security experts and U.S. officials acknowledge poses genuine safety risks. The hackers demonstrated they could access and manipulate systems monitoring one of America's most essential infrastructure networks—the fuel distribution chain that keeps transportation and commerce functioning. The fact that these systems were "sitting online and unprotected by passwords" underscores a systemic negligence across the oil and gas sector, despite years of federal warnings about cybersecurity.

🔎 Mainstream angle: The corporate press either ignored this story entirely or buried it in a 3-sentence brief. The framing, when it appeared at all, focused on process rather than impact.

Follow the Money

This isn't a sophisticated attack requiring advanced techniques; it's opportunistic exploitation of basic negligence, the digital equivalent of finding doors left unlocked. officials point to Iran's documented history of targeting gas tank systems as a primary reason for their suspicion, yet sources emphasize the government may never definitively confirm Iranian involvement due to insufficient forensic evidence left behind. This uncertainty matters because it reveals the fog surrounding attribution in cyberattacks—officials can suspect, investigate, and brief journalists, but definitive proof remains elusive. Meanwhile, the mainstream narrative has largely buried the political dimension: a CNN poll shows 75 percent of American adults believe the Iran war has negatively affected their finances, yet a major breach of fuel infrastructure during this conflict has received minimal coverage. The timing and implication—that a foreign adversary can access systems controlling gas supply during wartime tensions—directly impacts public confidence and energy costs, yet this connection remains underexplored. The broader pattern reveals an intelligence community warning that went unheeded.

What Else We Know

After Hamas attacked Israel in October 2023, Iranian-affiliated hackers attacked U.S. water utilities, displaying anti-Israel messages on operational equipment. These weren't isolated incidents but demonstrations of capability and intent. Iran has consistently targeted low-hanging fruit in American critical infrastructure—unprotected computer systems managing oil, gas, and water operations. The fact that such systems remain vulnerable years after federal exhortations suggests either incompetence, cost-cutting, or institutional indifference across the private sector operators responsible for protecting them. For ordinary Americans, the implications extend beyond headlines.

Primary Sources

What are they not saying? Who benefits from this story staying buried? Follow the regulatory filings, the court dockets, and the FOIA releases. The truth is in the paperwork — it always is.

Disclosure: NewsAnarchist aggregates from public records, API feeds (Federal Register, CourtListener, MuckRock, Hacker News), and independent media. AI-assisted synthesis. Always verify primary sources linked above.