The Telecommunications Services of Trinidad and Tobago (TSTT) says there was no loss or compromise of customer data, no data was deleted from its databases, or manipulated arising from an attempted cyber attack.
Last weekend, international hackers, Ransomexx, announced that it had infected TSTT with ransomware and stole as many as six gigabytes (GB) of its data, including names, e-mail addresses, national ID numbers, phone numbers, and “a lot of other sensitive data”.
Ransomexx said it is in possession of the stolen data, showing a CSV file with detailed information from more than 800,000 TSTT customers.
In a statement, the TSTT said “at this time, the company has not corroborated data currently in the public domain purported to be TSTT’s customer information, and it should be noted that the various TSTT platforms generate terabytes of data”.
The company said that on October 9, cyber attackers attempted to gain unauthorised access to its systems.
“Cyber threats of this nature are a continuous feature of modern digital operating systems and telecommunications infrastructure is no exception to these threats and incursions. TSTT has continuously invested resources in the millions of dollars in its processes and IT infrastructure to protect its systems and the data it produces and stores,” it said.
The company said at the onset of the threat, its incident response processes were “swiftly activated” and that internationally recognised cyber security experts were also enlisted to help deal with the problem.
“The company took immediate steps to minimise the security vulnerability, successfully isolating its systems and applications. These applications were subsequently quarantined, rebuilt and put back into production as part of clearly defined policies and procedures.
“The company also enlisted the support of internationally-recognised cyber security experts and partners in investigating the attempted breach and advising on the implementation of appropriate additional security measures and protocols. Some of these recommendations have already been implemented.”
The telecommunications company said its cyber security processes operated optimally and were able to “restrict these criminals’ malicious plans”.
“TSTT strongly condemns the actions of these terrorists in unlawfully attempting to gain access to its customers’ information. The company will continue to invest in hardening its IT environments under the guidance of international cyber experts, to ensure the security of customer information,” it added.
Last year, Public Utilities Minister Marvin Gonsalves told Parliament that on March 13 TSTT was also the target of a malware “incursion” when its systems detected a security attack directed at a number of the company’s internal-only solutions/applications.
TSTT said in that attack no ransom was paid.
“No customer, employee or company data was compromised. It is important to note that TSTT’s suite of connectivity services for both residential and corporate customers remained fully functional,” the company said then.
