TTPost hacked, minister urges vigilance

Public Utilities Minister Marvin Gonzales revealed on Tuesday the Trinidad and Tobago Postal Corporation (TTPost) was the victim of a cyberattack months ago.

While he said the entity was able to protect customers' data, he warned its management to build resilience against these threats, which are becoming more common. Gonzales spoke at the opening ceremony for the TTPost Delivery Office and Records Management Facility in Tacarigua.

He reiterated his belief that TTPost success and future require the company to provide more digitised services to customers. However, he noted this will bring challenges like cyberattacks to which the corporation is no stranger.

"If we were to be honest...TTPost itself was the victim of hacking not too long ago. Thankfully it was managed and it was managed in such a way that your customers and their data were not compromised," he said. He later told reporters the incident occurred within the last four months but quick action was able to prevent the loss of customers' data. "They were the victim of a malware attack. A ransom was not demanded.

"But they were able to make the necessary intervention with the support of their ICT (information and communications technologies) experts and that was brought under immediate control. Thankfully, we did not have the level of data breach...compared to the one at TSTT, so...they were able to contain that unfortunate incident. And they have been working with ICT experts to ensure that their systems are hardened and robust so that they can prevent further cyberattacks that we're having in the state sector."

In his address, Gonzales said these attacks are increasing globally, especially with hackers demanding a ransom or risking the information being put on the internet.

"That is what we are now facing not only in TTPost, not only in TT, but all around the world. And therefore, I take this opportunity to remind the leadership of TTPost to observe what is taking place on the digital landscape, and ensure that your systems are hardened and robust enough that as you move into the digital age, that we no longer will have a TSTT and a Courts and an ANSA McAL – all of these recent occurrences of hacking taking place, that it does not happen to TTPost."

Despite the risks, Gonzales encouraged TTPost to continue on its trajectory, adding the ministry will ensure it is equipped against cyberattacks."I am happy when I look at your PSIP (Public Sector Investment Programme) and the projects that you plan to pursue in 2024, I'm seeing the ICT component reflecting and being prioritised as we move in the next 12-24 months. Continue doing that. Continue doing, because we at the Ministry of Public Utilities will give you all of the necessary resources that you need to protect the data of your customers as you look towards expanding your services on the digital landscape."

Last month TSTT was the victim of a cyberattack in which some six gigabytes of customers' personal information was put on the dark web. Gonzales has since ordered an independent investigation.

He told reporters the company is yet to find an investigator, though efforts are being made. "The board has done quite a lot of work towards narrowing into getting a competent body to do the investigation. I intend to continue collaborating on speaking to the board to ensure that the the body or the persons that would be involved in this investigation are competent, so that we can get an understanding as to what in fact transpired."

He added that the board is also doing its own internal investigation.

"They have done a lot of work on that. But we will see what is the outcome of their internal investigation. But based on my policy directive, I'm looking forward to the completion of this independent investigation."