Telecom company Tigo has disclosed a cybersecurity incident affecting a select group of corporate clients. The disruption is confined to Tigo Business services and has not spilled over to affect any other mass or corporate telecommunication, internet, or electronic wallet services.
In their official statement, Tigo assures users that regular services, including telephony, internet, and electronic wallets, remain operational, while their entire team is actively working towards restoring the affected corporate services. In a concerning development, the Paraguay Ciberseguro Foundation reports a ransomware attack on Tigo, involving the kidnapping and encryption of data hosted on their servers.
The lack of formal communication to the public about the incident has raised alarm among affected clients, resulting in significant data losses for businesses relying on Tigo’s hosting services.
This incident underscores the broader risks associated with cyber threats, potentially leading to data breaches and subsequent sale in the black market. Despite Tigo’s reputable data center certifications in Latin America, the threat actor behind the ransomware, identified as the potent Black Hunt group, has a history of causing disruptions in Colombia.
The group has targeted banks and Tigo in the past, demanding a ransom in exchange for compromised data. Noteworthy affected entities include Tupi, the Ministry of Foreign Affairs, and the Farmacenter pharmacy chain, among others. The Ministry of Information and Communication Technologies (Mitic) acknowledges the incident, emphasizing the severity of the cybersecurity threat affecting local telecommunications.
Reference:
