02 September 2025

Colt Technology Services, a major provider of business communications and internet services, has issued an update after suffering a significant cybersecurity incident resulting from a breach of its internal business support systems late in August.

In response, Colt proactively took some systems offline to contain the threat, but it has now confirmed that a data breach has occurred, with sensitive information potentially compromised.

The incident began on the morning of 12th JULY/ AUGUST 2025, when hackers — believed to be part of a ransomware group — exploited a vulnerability in Colt’s internal systems. The breach is thought to have occurred through the sharehelp.colt.net server, linked to a critical vulnerability in Microsoft’s SharePoint platform (CVE-2025-53770), which has been rated with a severity score of 9.8 out of 10. However, Colt has yet to officially confirm the specific entry point.

In the wake of detecting unusual activity, Colt took key systems offline — including the customer portal, Network-as-a-Service (NaaS) portal, and Voice/Number API platform — to prevent further damage and began efforts to recover operations. The disruption has impacted service delivery, including delays in new service orders and customer support functions, which have been affected due to the shutdown of automated processes.

It has now emerged that the hackers have accessed and stolen some data, with reports indicating that customer information, employee details, financial data, network configurations, and software development information may have been compromised. The official Colt Cyber Incident webpage remains somewhat vague, but the company has acknowledged that files have been taken and that the threat actors are now attempting to sell hundreds of gigabytes of stolen data online, including details such as employee salaries, customer contracts, and internal network information.

In an official statement to customers, Colt’s Chief Commercial Officer Annette Murphy confirmed that the breach involved files containing sensitive data, some of which have been posted on the dark web. Colt has notified regulators and law enforcement and is working with external forensic experts and investigators around the clock to assess the scope and impact of the breach. The company reassured clients that the affected systems are isolated from their core customer infrastructure and promised to share further details as the investigation continues.