I have a lot of respect for Baroness (Dido) Harding. She was an early trailblazer for women leading tech firms, as CEO of TalkTalk, and now she leverages that telecommunications experience in Parliament. On a number of occasions, Hansard shows us she has been a voice of reason in the upper house on matters pertaining to our industry.
Of course, many detractors will point to public dissatisfaction with her roles during COVID, as well as the handling of the 2015 cyber-attack against TalkTalk.
The 20/20 vision of hindsight tells us that TalkTalk, under her leadership, could have handled cybersecurity better. That said, I recall watching the news as the clearly sleep-deprived CEO of TalkTalk was transparent about the scale and severity of what had occurred. In the months afterwards, there was clear contrition about the failures which led to it.
Fast forward ten years, and we have one of the world’s largest telecommunications companies in a similar situation. With all of the lessons learned from TalkTalk, we are in a situation where Colt are briefing the press that nothing has been compromised, while shortly thereafter those purported to be the malicious actors responsible are publishing indexes of files. There is very limited information coming from Colt on the matter, and comparing what they do say to what else is in the public domain is undermining trust in their handling of the situation.
At the time of pressing publish on this blog, this is what we know.
Colt are still unable to process number ports, which we assume is a consequence of their well publicised cyber-attack. A file listing, asserted to be the files compromised in the attack, is at https://www.klos.com/~john/colt_filename_tree.txt.
The file names themselves are sufficient to meet the definition of a data protection breach in some cases.
Specifically for Simwood, this list contains a number of interoperability documents between Simwood and Colt. The list also contains documents that appear to be Number Portability Order Forms (NPORs), although it is unclear whether these relate to Simwood customers. NPORs will contain some information about the Subscriber changing providers, e.g. name, address, and telephone numbers. Additionally, there is other information clearly of a sensitive nature on the list, but that does not, as far as we can tell, relate to Simwood and its customers’ relationships.
At this time, we understand that Colt are working to prevent further disclosure; however, this is all the detail we currently have. Our customers should engage their Data Protection Officers regarding the consequences of the attack on Colt as a matter of urgency. Please review the ICO’s guidance before flooding us with tickets asking us what to do though.
In the meantime, Dido, I apologise for some of the ranting I did about your handling of the TalkTalk incident. While, ten years on, I am sure we both agree there were elements that were sub-optimal, it turns out my ire should’ve been bottled up and reserved for our colleagues elsewhere.