The Board of Directors of Telecommunications Services of Trinidad and Tobago Limited (TSTT) will submit the final report of the investigation into the 2023 cybersecurity breach and the circumstances surrounding the incident to the Minister of Public Utilities, Marvin Gonzales, today.
The board says it received the final report on Tuesday. The minister will review the report.
The cyberbreach went as far up as affecting the Prime Minister’s private details.
The cyberattack on TSTT took place on October 9, 2023 but was only disclosed on October 27, 2023. This after Falcon Feeds, an India-based technology security company, revealed on X that TSTT was included on the victim list of the ransomware group, RansomExx.
The Minister initially denied that any breach had occurred, dubbing it “not true” in media reports on October 30, 2023. However, over the course of a few days, cybersecurity experts did a deep dive into the data published on the dark web and made it public. On November 5, 2023, Gonzales then admitted that TSTT was the target of a malware “incursion” on March 13, 2024 and ordered an independent investigation.
TSTT itself confirmed that six gigabytes or less than one percent of its petabytes of data was accessed. The company also engaged the local independent firm CyberEye to conduct root cause and log analysis, assess TSTT’s cybersecurity controls, and address internal issues related to threat monitoring and detection.
The miscommunication over whether the breach occurred led to the sacking of then chief executive officer Lisa Agard, as announced by TSTT on November 15. Two months later, on January 4, TSTT revealed that chief financial officer Shiva Ramnarine was axed. TSTT’s senior manager of Corporate, Environmental, Social and Reputation Management, Khamal Georges, resigned from the company on June 6, becoming the third high profile exit in the wake of the incident. However, reports stated that Georges left for better employment opportunities.
