The company stressed that the attack was detected on an internal system “separate from our customers’ infrastructure” and that immediate protective measures were taken
U.K.-based telecoms provider Colt has confirmed it was struck by a ransomware attack claimed by the Warlock gang, disrupting parts of its business support systems. The company said some services remain offline as a precaution while restoration work continues.
“We’re continuing to work tirelessly to restore the internal systems affected by the recent cyber incident,” Colt said in an update. “We understand how frustrating it is not to have access to some of our support services, such as Colt Online and our Voice API platform, and we appreciate your patience and understanding.”
The company stressed that the attack was detected on an internal system “separate from our customers’ infrastructure” and that immediate protective measures were taken. “One of our protective measures involved proactively taking some systems offline, which has led to the disruption of some of the support services we provide to our customers,” it added. Colt is working with external cyber experts and authorities on the investigation.
Around the same time, Australia’s iiNet, owned by TPG Telecom, reported a separate cyber incident involving unauthorised access to its order management system through stolen employee credentials. The breach exposed the personal information of 280,000 people, including 10,000 phone numbers and home addresses, as well as 1,700 modem passwords.
“The iiNet ordering system is used to create and track orders for iiNet services, such as NBN connections,” the company said. “The system contains limited personal information. Importantly, it does not contain copies or details of customer identity document details (such as passport or driver’s licences), credit card or banking information.”
iiNet said it activated its incident response plan and brought in external cyber security experts to support the investigation. Impacted customers are being contacted directly and advised on protective steps. The company is also working with the Australian Cyber Security Centre, the National Office of Cyber Security, the Office of the Australian Information Commissioner and other authorities.
Both cases highlight the continuing vulnerability of telecoms networks, considered part of critical national infrastructure, to disruptive cyberattacks.
