PORT OF SPAIN, Trinidad, CMC – The Telecommunications Services of Trinidad and Tobago (TSTT) Friday acknowledged that information on some of its customers had been captured following a cyberattack last month.
“During the past seven days, TSTT has been working with its international cyber security experts and has undertaken a rigorous examination of data published on the dark web after a ransomware group claimed ownership of a cyberattack on the telecommunications company.
“Although the published material was easily accessible, the corroboration process was time-consuming because it required cross-referencing data across multiple extensive databases to verify sources. With the support of our cyber security consultants, the company has determined that the data released contains largely identifying information, and TSTT apologizes to those customers whose information was accessed by these cyber terrorists,” the company said in a statement.
The telecommunications company said that it is still scrutinizing the data but that what had been stolen represents less than one percent of the petabytes of data the company produces and stores.
“Moreover, it represents information from a small subset of TSTT’s customer base. A single customer could generate hundreds or thousands of records of non-critical, non-sensitive transactions. The majority of TSTT’s customers’ information was not accessed,” TSTT added,
Last weekend, international hackers Ransomexx announced it had infected TSTT with ransomware and stole as many as six gigabytes (GB) of its data, including names, e-mail addresses, national ID numbers, phone numbers, and “a lot of other sensitive data.”
Ransomexx said it has the stolen data, showing a CSV file with detailed information from more than 800,000 TSTT customers.
But in a statement on Monday, TSTt said. At the same time, it had been a recent victim of a cyber attack, “there was no loss or compromise of customer data, no data was deleted from TSTT’s databases or manipulated.
“ At this time, the company has not corroborated data currently in the public domain purported to be TSTT’s customer information, and it should be noted that the various TSTT platforms generate terabytes of data.”
“Cyber threats of this nature are a continuous feature of modern digital operating systems, and telecommunications infrastructure is no exception to these threats and incursions. TSTT has continuously invested resources in the millions of dollars in its processes and IT infrastructure to protect its systems and the data it produces and stores,” it said.
TSTT said it was determined that some of the data were accessed from a legacy system, which is no longer utilized by TSTT but which contains data that is, in many instances, no longer valid.
“This data is kept to ensure TSTT is compliant with relevant laws as it relates to retention of customer information,” it stated.
TSTT said its investigation found that no customer passwords or credentials were accessed.
“Due to the nature of the data accessed, internal and external security analysts have advised that there is no elevated risk of fraudulent activity for the customers impacted. Some information can already be easily accessed via the telephone directory’s white pages. However, TSTT reminds all customers to be alert to potential scams and fraudulent activity and report them where necessary,” it stated.
“It is important to note that certain statements currently in the public domain regarding the publication of personal data are inaccurate and invalid.”
The company said it does not request, require, and store on its databases any of the following information related to its customers, namely credit card information, customer passwords, approvals for housing, and shipping documents.
TSTT also denied what it labeled as “false, misleading, and damaging statements regarding its data center.”
“TSTT’s data center (TIA 942-B, Rated 3, SOC-2, DCOS Maturity Level 3 and ISO) is the most secure, resilient, and reliable data center in Trinidad and Tobago, the Caribbean and ranked highly in the Latin American region,” it stated.
“TSTT categorically refutes claims that its data center was breached and therefore any claims of our corporate client data or credentials being accessed as a result of an alleged breach of our data center is inaccurate, ill-informed and mischievous,” TSTT stated.
“We strongly urge responsible parties to exercise utmost caution and responsibility when publishing and disseminating information. Due to the sensitive nature of this, it is imperative to verify and obtain information from credible and expert sources, as inaccurate and misleading reports can misinform and potentially damage public trust and also harm our company.
“This is why TSTT is taking meticulous steps to verify all information thoroughly. We also urge members of the public to exercise discernment in the information they consume, ensuring they receive it from credible and reputable sources to make well-informed decisions,” TSTT added.
and then  Friday acknowledged that information on some of its customers had been captured following a cyberattack last month.){kind=link}