TSTT: Cyber-terrorists did not access sensitive data

IN a statement on Friday, TSTT said individuals who recently attacked its IT system did not gain access to sensitive details about customers but only other information that was largely outdated and stored on legacy systems.

It dubbed the October 9 attackers "cyber terrorists".

TSTT condemned subsequent comments by third parties in the public domain as "erroneous, mischievous, and damaging."

Indicating that 99 per cent of its data was unaffected by the attacks, TSTT said most clients' details were not accessed.

TSTT said it was committed to safeguarding customers' information and took cyber security seriously.

"Cyber threats are a continuous feature of modern digital operating systems and have become increasingly sophisticated, and their frequency has increased significantly."

As telecommunications were not exempt from these threats, TSTT has continuously invested millions of dollars to protect its systems and its data.

"The company took immediate steps to minimise the security vulnerability, successfully isolating its systems and applications.

"These applications were subsequently quarantined, rebuilt and put back into production as part of clearly defined policies and procedures."

TSTT engaged international cyber security experts and partners.

These had investigated the attempted breach and advised on additional security measures and protocols, some of which have since been implemented.

TSTT said it had undertaken a rigorous examination of data published on the dark web, which a ransomware group claimed responsibility for.

"With the support of our cyber security consultants, the company has determined that the data released contains largely identifying information, and TSTT apologises to those customers whose information was accessed by these cyber terrorists."

While TSTT is still scrutinising the data, the 6GB accessed represents less than one per cent of the petabytes of data the company produces and stores.

"Moreover, it represents information of a small subset of TSTT’s customer base.

"The majority of TSTT’s customers’ information was not accessed."

TSTT said some of the data was accessed from a legacy system that it no longer used and which contains data no longer valid but kept for legal reasons. The company said the information accessed included parameters such as first and last names, e-mail and home addresses, ID scans, some customer account information, letters of authorisation, and payment receipts.

It said, "What is not included: call records, transactional data, customer passwords and financial information.

"TSTT’s investigation has found that no customer passwords or credentials were accessed."

Due to the type of data accessed, internal and external security analysts told TSTT there was "no elevated risk of fraudulent activity" for the customers impacted.

Some data was already in the telephone directory.

"However, TSTT reminds all customers to be vigilant and alert to potential scams and fraudulent activity and report them where necessary."

The company said certain statements in the public domain were inaccurate and invalid.

"TSTT does not request, require and/or store on its databases any of the following information related to its customers: credit card information, customer passwords, approvals for housing and shipping documents. There is, therefore, little chance of such information being accessed or published because of the cyber incursion."

The statement urged people to verify the source and validity of any information in the public domain.

TSTT lamented "false, misleading, and damaging statements" regarding its data centre, one of the most secure, resilient and reliable in the Latin American region.

"TSTT categorically refutes claims that its data centre was breached and therefore any claims of our corporate client data or credentials being accessed as a result of an alleged breach of our data centre is totally inaccurate, ill-informed and mischievous."

The company strongly urged people to exercise utmost caution and responsibility when publishing and disseminating allegations.

"Due to the sensitive nature of this, it is imperative to verify and obtain information from credible and expert sources, as inaccurate and misleading reports can misinform and potentially damage public trust and also harm our company. This is why TSTT is taking meticulous steps to thoroughly verify all information.

"We also urge members of the public to exercise discernment in the information they consume, ensuring they receive it from credible and reputable sources to make well-informed decisions."