Claro, the leading telecoms brand in South and Central America, has fallen prey to a ransomware attack, causing substantial disruptions across multiple countries. After over a week of service interruptions, Claro decided to disclose the incident publicly. Trigona, the ransomware group responsible, issued a ransom note, claiming control over Claro’s data and threatening to either destroy or sell it.
The telecom giant faced challenges in providing comprehensive insights into the breach, leaving customers in the dark about the extent of the compromise. Services, including payment processes through the Claro app and the activation of new lines, were severely impacted. Despite Trigona’s negotiation deadlines passing without a clear resolution, Claro remains tight-lipped about the ongoing situation. Regulatory bodies have initiated investigations, reflecting the gravity of the cybersecurity incident.
Trigona, previously linked to the CryLock ransomware, reappeared on the cybersecurity landscape after purported actions by pro-Ukrainian white hat hackers in 2023. Claro, a brand under América Móvil owned by Mexican billionaire Carlos Slim, faces a significant challenge in resolving the aftermath of this cyber attack.
