The UK-based telecommunications company COLT Technology Service is working with a cyber attack, which causes some multi-day outage of some operating company, including hosting and porting services, COLT online and voice API platforms.
British telecommunications and network service providers revealed that the attack began on August 12 and disintegration continues as its IT employees work around the clock to reduce their effects.
Established in 1992 as a city of Telecom (COLT) and acquired by Fidelity Investments in 2015, COLT is a major telecom service provider working across 30 countries across Europe, Asia and North America. The company employs 75,000 km of fiber network connecting 900 data centers.
Services are still offline
Initially, the company announced a “technical issue” without confirming the cyber incident. However, the nature of the incident was later informed Status updates,
The attack forced the firm to take the specific systems offline as a protective measure, which affected the operation of support services including the COLT online and the Voice API platform.
Customer communication through online portals is currently unavailable, and customers are advised to contact colt by email or phone and expect slow-to-normal reactions.
The company underlined that there are affected system support services, not core customer network infrastructure.
To date, there is no estimate to restore affected systems and operations.
Colt says that it has informed the authorities about the incident without providing any details about the type of attack.
Claims Varackock attack
Claiming an attack, claiming to be a danger actor and a member of the Warlock Rancemware Gang, who used Alaias ‘CNKJASDFGD’ and offered to sell for $ 200,000, which was allegedly stolen from a colt.
Several data samples have also been published to prove the validity of files. According to the actor, stolen files include financial, employee, customer and executive data, internal email and software development information.
Source: banana
Although telecom company did not disclose the cause of violation, security researchers Kevin Beom It is said that the hacker probably managed to achieve the initial access by exploiting a distance code execution vulnerability in Microsoft Sharepoint, which was tracked as CVE-2015-53770.
The security issue has been exploited as zero-day at least since 18 July and is considered important in seriousness. Microsoft addressed it on 21 July in a security update.
According to Buomont, hackers stole a few hundred gigabyte files with customer data and documentation.
Bleepingcomputer has contacted COLT to ask for verification of these allegations, but a comment was not available immediately.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
