298/68 Tuesday, August 19, 2025
Colt Technology Services, a UK-headquartered telecommunications provider, is facing a multi-day service disruption following a ransomware attack carried out by the WarLock group on August 12. Affected services include Hosting, Porting, Colt Online, and Voice API, with the company’s IT team currently working to restore impacted systems.
Initially, Colt described the issue as a “technical problem,” but later confirmed it to be a cyberattack. The company stated that its Core Network Infrastructure remains unaffected. Relevant authorities have been notified, and some systems were taken offline as a containment measure. Meanwhile, a hacker affiliated with the WarLock group, known as “cnkjasdfgd,” reportedly posted over 1 million stolen files for sale on the dark web. The leaked data allegedly includes customer information, employee records, and internal documents, with a listing price of $200,000 USD.
Cybersecurity expert Kevin Beaumont suggested that the attackers may have exploited Microsoft SharePoint vulnerability CVE-2025-53770 to gain initial access, staying dormant for over a week before encrypting the data. This incident underscores the severe threat ransomware poses to infrastructure providers, potentially impacting a wide range of businesses and users.
