Ransomware and Data Breaches Disrupt Telecoms in the UK and Australia, Exposing Critical Infrastructure Risks


 

Two major telecom providers in the UK and Australia have been struck by cyberattacks, raising new concerns about the resilience of global critical infrastructure.

Colt Hit by Ransomware in the UK

U.K.-based telecoms giant Colt has confirmed it was the target of a ransomware attack claimed by the Warlock gang. The incident forced the company to take several internal business support systems offline, including Colt Online and its Voice API platform, as a precautionary measure.

While customer-facing services remain operational, Colt admitted it is operating in a “more manual” mode as it works to restore its automated monitoring capabilities. The company emphasized that the affected systems are separate from customer infrastructure and that immediate protective actions were taken once the breach was detected.

Data Breach Hits iiNet in Australia

Around the same time, Australian telecom iiNet, owned by TPG, reported a third-party data breach involving compromised employee credentials. The attackers gained access to iiNet’s order management system, impacting roughly 280,000 customers.

Exposed data includes:

  • 10,000 phone numbers and home addresses

  • 1,700 modem passwords

  • Limited account details (but no identity documents, credit cards, or banking data)

iiNet says it has engaged external cybersecurity experts, notified regulators including the Australian Cyber Security Centre (ACSC), and is directly contacting affected customers. The company urged users to reset passwords, enable multi-factor authentication, and stay alert to phishing attempts.

Expert Warnings on Escalating Threats

Industry experts say the incidents highlight growing pressure on telecom operators to defend against increasingly aggressive attacks.

  • Darren Williams, CEO of BlackFog, warned that data exfiltration is now the “tactic of choice” for attackers, shifting the balance of power the moment sensitive data leaves an organization.

  • Tony Jarvis, Field CISO at Darktrace, noted that credential-based intrusions remain widespread yet preventable, stressing that “cybercriminals are using AI to automate attacks, and only AI-augmented cybersecurity can defend against it.”

 

Critical Infrastructure Under Fire

These incidents come amid a broader wave of cyber activity targeting critical infrastructure worldwide:

  • In Norway, pro-Russian hackers briefly seized control of a dam in Bremanger, opening a floodgate for four hours.

  • In Poland, officials revealed that attackers nearly succeeded in shutting down a city’s water supply before authorities intervened.

The breaches underscore how telecoms, utilities, and essential services are increasingly in the crosshairs of ransomware groups and nation-state actors alike.

Key Takeaways

  • Telecoms remain high-value targets due to the sensitive data they manage and their role in national infrastructure.

  • Both ransomware and credential theft attacks are being used to bypass traditional defenses.

  • Stronger monitoring, identity security, and AI-driven defenses are critical to preventing large-scale disruption.

 
