The recent data breach at the Telecommunications Services of Trinidad and Tobago (TSTT) highlights the increasing threat of cyberattacks on government agencies and organizations worldwide. The breach, carried out by the RansomEXX ransomware group, resulted in the compromise and exfiltration of sensitive customer data, including names, addresses, emails, national ID numbers, and phone numbers.
The RansomEXX group, previously known as Defray777, has gained notoriety for targeting government agencies and manufacturers and is known for publishing stolen data. This midrange exploit has already affected 56 victims, according to the Ransom_db tracker. It is important to note that RansomEXX has previously targeted a Scottish mental health charity, where it exposed 12GB of personally identifiable data, including credit card details.
In this particular case, the Dark Web Informer, a breach reporting Twitter feed, surfaced a note allegedly from the Defray777 website, claiming that TSTT was warned about the consequences of non-compliance with their demands before the data release. The note accuses TSTT of neglecting customer data security and intentionally causing network issues while still charging customers for their services.
It is crucial for organizations to prioritize cybersecurity measures and take proactive steps to protect sensitive customer data. This incident serves as a reminder that no organization is immune to cyber threats, and robust security protocols and continuous monitoring are essential to prevent and mitigate data breaches.
As further information becomes available, we will continue to update this report, shedding light on the evolving nature of cyberattacks and the importance of cybersecurity in safeguarding sensitive information.