Colt Technology Services, a leading telecommunications provider, has confirmed that a ransomware attack on August 12, 2025, resulted in the theft of sensitive customer data.
The company revealed that attackers gained access to confidential files containing customer information. Soon after, the document titles were leaked on dark web forums, forcing Colt to take urgent containment steps and notify law enforcement.
Key Points
- Breach occurred on August 12, exposing customer files and document titles on the dark web.
- Several core platforms were taken offline for security, while customer networks remain safe.
- Forensic teams and law enforcement agencies are investigating.
Data Theft and Attack Details
The cybercriminals targeted Colt’s business support systems, which are separated from customer infrastructure networks. At approximately 11:00 AM BST on August 12, the breach was detected. Colt immediately launched its incident response protocols and engaged external forensic experts to investigate the scope of the attack.
Before containment, the threat actors successfully extracted files and then released their titles online, a tactic often used by ransomware groups to pressure victims into negotiations.
To support affected clients, Colt has set up a dedicated call center where customers can request lists of filenames published on the dark web to verify whether their information may have been exposed.
As part of precautionary actions, Colt shut down critical systems including:
- The Colt Online portal
- Number Hosting APIs
- Colt On Demand NaaS (Network-as-a-Service) platform
- Voice On Demand services
- New service ordering functions
Security Measures and Response
Colt’s cybersecurity team rolled out containment strategies such as stronger access controls, better detection mechanisms, and improved monitoring of their infrastructure.
Authorities including the UK’s National Cyber Security Centre (NCSC) and law enforcement agencies have been alerted to ensure compliance and receive external investigative support.
The telecom firm is working with third-party forensic experts who are operating around the clock to assess the full extent of the data compromise.
While customer-facing networks remain functional due to system segregation, business processes have been temporarily disrupted. This has led to slower response times for customer inquiries and service requests.
Colt reassured its customers that authentication systems remain protected because of the network separation design. Meanwhile, customer assistance is being provided through regional phone lines and email support across the UK, France, and Germany as the company works toward full service restoration.
