BleepingComputer reports that UK multinational telecommunications and network services provider Colt Technology Services has confirmed launching a probe into the WarLock ransomware gang's claims of compromising its systems in a cyberattack last week, which has resulted in a multi-day operational disruption.
"Our technical team is focused on restoring the internal systems impacted by the cyber incident and is working closely with third-party cyber experts," said a Colt spokesperson, who has not detailed the timeline for restoring affected systems, including those for its support services. In a post on a hacking forum, a purported WarLock ransomware member advertised the sale of a million documents from the telecommunications firm, including its financial data, customer contract information, software development data, and network architecture details, for $200,000. Such a compromise is believed by security researcher Kevin Beaumont to have been facilitated by the exploitation of the critical Microsoft SharePoint remote code execution flaw CVE-2025-53770, which has been leveraged in attacks since July 18.
"Our technical team is focused on restoring the internal systems impacted by the cyber incident and is working closely with third-party cyber experts," said a Colt spokesperson, who has not detailed the timeline for restoring affected systems, including those for its support services. In a post on a hacking forum, a purported WarLock ransomware member advertised the sale of a million documents from the telecommunications firm, including its financial data, customer contract information, software development data, and network architecture details, for $200,000. Such a compromise is believed by security researcher Kevin Beaumont to have been facilitated by the exploitation of the critical Microsoft SharePoint remote code execution flaw CVE-2025-53770, which has been leveraged in attacks since July 18.
