RHON­DOR DOWLAT

A re­port on the find­ings sur­round­ing a cy­ber­se­cu­ri­ty breach at the Telecom­mu­ni­ca­tions Ser­vices of Trinidad and To­ba­go Lim­it­ed (TSTT) in Oc­to­ber 2023 has been re­leased, and the Com­mu­ni­ca­tions Work­ers’ Union (CWU) is call­ing for a full pub­lic dis­clo­sure.

The re­port, com­piled by in­de­pen­dent in­ves­ti­ga­tors, was sub­mit­ted to Min­is­ter of Pub­lic Util­i­ties Mar­vin Gon­za­les yes­ter­day by TSTT’s board of di­rec­tors and ex­am­ines the cir­cum­stances of the breach, its im­pact, and rec­om­men­da­tions to ad­dress vul­ner­a­bil­i­ties.

The breach, ex­e­cut­ed by the hack­ing group Ran­somExx on Oc­to­ber 9, 2023, ex­posed six gi­ga­bytes of cus­tomer da­ta, which were lat­er up­loaded to the dark web. TSTT main­tained the stolen da­ta was out­dat­ed and ac­count­ed for less than one per cent of its to­tal stor­age, but the in­ci­dent trig­gered wide­spread con­cerns about da­ta se­cu­ri­ty and trans­paren­cy.

Gon­za­les yes­ter­day ac­knowl­edged the se­ri­ous­ness of the breach.

He said, “In the dig­i­tal en­vi­ron­ment in which we now op­er­ate, cy­ber in­cur­sions pose a con­stant and per­sis­tent threat to busi­ness con­ti­nu­ity and in­for­ma­tion se­cu­ri­ty. It is im­per­a­tive that we all re­main vig­i­lant and that we learn from past short­com­ings.”
“No or­gan­i­sa­tion is ful­ly im­mune to cy­ber in­cur­sion, and a key pro­to­col in man­ag­ing such breach­es is clear, sin­cere and hon­est com­mu­ni­ca­tions with all stake­hold­ers, es­pe­cial­ly cus­tomers and mem­bers of the pub­lic.”

The fall­out from the breach was sig­nif­i­cant, with the ter­mi­na­tion of CEO Lisa Agard on No­vem­ber 15, 2023, and de­par­ture of CFO Shi­va Ram­nar­ine short­ly af­ter. Cor­po­rate com­mu­ni­ca­tions head Khamal Georges re­signed in June 2024.

In the wake of the at­tack, TSTT en­list­ed lo­cal cy­ber­se­cu­ri­ty firm Cy­ber­Eye to con­duct a root cause analy­sis and strength­en its cy­ber­se­cu­ri­ty frame­work.

Yes­ter­day, CWU gen­er­al sec­re­tary Joanne Ogeer urged Gon­za­les to make the re­port pub­lic.

“The pub­lic has a right to know be­cause they were di­rect­ly af­fect­ed by the breach. Trans­paren­cy is crit­i­cal to re­build­ing trust and en­sur­ing ac­count­abil­i­ty,” Ogeer said.

She al­so crit­i­cised how the fall­out was han­dled.

“I can cat­e­gor­i­cal­ly state that this ad­min­is­tra­tor was vi­cious­ly tar­get­ed, es­pe­cial­ly dur­ing the Joint Se­lect Com­mit­tee hear­ings, where blame was un­fair­ly placed at her feet. This was deeply con­cern­ing and shows the need for a more bal­anced ap­proach to ac­count­abil­i­ty,” Ogeer claimed.

She com­mend­ed TSTT for re­view­ing its poli­cies but urged em­ploy­ees to sup­port and up­hold these mea­sures to pro­tect the or­gan­i­sa­tion.

The union al­so em­pha­sised the im­por­tance of em­ploy­ee train­ing in cy­ber­se­cu­ri­ty.

Gon­za­les has com­mit­ted to sub­mit­ting the re­port to the Na­tion­al Se­cu­ri­ty Coun­cil and Joint Se­lect Com­mit­tee of Par­lia­ment for fur­ther re­view.

Ef­forts to reach for­mer TSTT CEO Agard for com­ment proved fu­tile.

“