Asha Javeed

Lead Ed­i­tor—In­ves­ti­ga­tions

asha.javeed@guardian.co.tt

The Telecom­mu­ni­ca­tions Ser­vices of Trinidad and To­ba­go (TSTT) has fired its chief fi­nan­cial of­fi­cer, Shi­va Ram­nar­ine.

It comes just two months af­ter for­mer chief ex­ec­u­tive of­fi­cer Lisa Agard was fired from the com­pa­ny fol­low­ing the han­dling of a da­ta breach at the ma­jor­i­ty State-owned com­pa­ny in Oc­to­ber.

The Com­mu­ni­ca­tion Work­ers’ Union (CWU) had called for the re­moval of Agard and Ram­nar­ine fol­low­ing the mas­sive da­ta breach last year.

“He did not pay for prop­er cy­ber se­cu­ri­ty ser­vices for the com­pa­ny which would have min­imised the im­pact and pro­tect cus­tomers,” for­mer sec­re­tary gen­er­al of the CWU Clyde El­der had said at the time of the in­ci­dent.

The T&T Guardian was told yes­ter­day that TSTT sought le­gal ad­vice be­fore they axed Ram­nar­ine.

Yes­ter­day, TSTT’s man­age­ment sent out an all-staff email an­nounc­ing the de­par­ture of Ram­nar­ine from the or­gan­i­sa­tion.

In a sep­a­rate email note to ex­ec­u­tives, TSTT said, “To en­sure a smooth tran­si­tion, man­age­ment has iden­ti­fied an in­ter­nal can­di­date for rec­om­men­da­tion to tem­porar­i­ly fill the po­si­tion of chief fi­nan­cial of­fi­cer. The rel­e­vant in­ter­nal gov­er­nance process­es will be en­gaged in or­der to ob­tain the board’s ap­proval for this can­di­date to over­see the op­er­a­tions of the Fi­nance De­part­ment un­til a suit­able suc­ces­sor is found af­ter the re­quired re­cruit­ment process has been en­gaged.

“You will be kept up­dat­ed as nec­es­sary in this re­gard. We have thanked Mr Ram­nar­ine for his con­tri­bu­tion to the com­pa­ny and wish him well in his fu­ture en­deav­ours.”

In a state­ment late yes­ter­day, TSTT con­firmed the ex­it.

“TSTT can con­firm the de­par­ture of its for­mer Chief Fi­nan­cial Of­fi­cer, Mr Shi­va Ram­nar­ine. We, how­ev­er, cat­e­gor­i­cal­ly de­ny that his de­par­ture was in any way re­lat­ed to the cy­ber­at­tack. Mr Ram­nar­ine served the com­pa­ny well dur­ing his tenure and we wish him well in his fu­ture en­deav­ours,” it said.

Ram­nar­ine was a for­mer chief fi­nan­cial of­fi­cer at Caribbean Air­lines (CAL) and was fired from that com­pa­ny in Au­gust 2013.

Af­ter Agard was fired, in a fall­out over the com­pa­ny’s poor pub­lic han­dling of the mat­ter, TSTT ap­point­ed Kent West­ern to the post of act­ing CEO ef­fec­tive im­me­di­ate­ly.

The cy­ber­breach on TSTT oc­curred on Oc­to­ber 9, 2023, at 4.18 pm but was on­ly made pub­lic on Oc­to­ber 27, af­ter Fal­con Feeds, an In­dia-based tech­nol­o­gy se­cu­ri­ty com­pa­ny, re­port­ed on its X (for­mer­ly Twit­ter) so­cial me­dia ac­count that ran­somware group, Ran­somExx, added TSTT (http://tstt.co.tt) to its vic­tim list. It claimed to have ac­cess to 6GB of or­gan­i­sa­tion da­ta.

On Oc­to­ber 28, TSTT said in a state­ment that there was no com­pro­mise of cus­tomer da­ta but added that it had not cor­rob­o­rat­ed in­for­ma­tion in the pub­lic do­main pur­port­ed to be cus­tomer in­for­ma­tion.

How­ev­er, af­ter cy­ber­se­cu­ri­ty ex­perts went dig­ging in­to the da­ta and made their dis­cov­er­ies pub­lic, the com­pa­ny is­sued an­oth­er state­ment.

On No­vem­ber 3, TSTT ad­mit­ted that 6GB, or less than one per cent of the petabytes of the com­pa­ny’s da­ta, was ac­cessed but that the ma­jor­i­ty of its cus­tomers’ da­ta was not ac­quired and no pass­words were com­pro­mised.

Guardian Me­dia has re­port­ed that the names of the coun­try’s top of­fi­cials, in­clud­ing Prime Min­ster Dr Kei­th Row­ley, Pres­i­dent Chris­tine Kan­ga­loo, Chief Jus­tice Ivor Archie, Fi­nance Min­is­ter Colm Im­bert, Na­tion­al Se­cu­ri­ty Min­is­ter Fitzger­ald Hinds, Po­lice Com­mis­sion­er Er­la Hare­wood-Christo­pher and Pub­lic Util­i­ties Min­is­ter Mar­vin Gon­za­les, are all in­clud­ed in a list of peo­ple found in doc­u­ments down­loaded from the dark web from TSTT’s da­ta breach.

And de­spite de­nial by TSTT, Guardian Me­dia ob­tained scans with cred­it card in­for­ma­tion, as well as bank ac­count num­bers, in­clud­ed in the 6GB da­ta bun­dle. Al­so in­clud­ed among the scans were bank­ing in­for­ma­tion for cus­tomers, com­pa­nies, State en­ter­pris­es, min­istries, as well as cred­it card num­bers in trans­ac­tion re­ceipts. There were al­so for­eign ID cards and doc­u­ments in the dump.

The list con­tains 1.2 mil­lion en­tries, which had been post­ed on­line fol­low­ing the da­ta breach at the telecom­mu­ni­ca­tions com­pa­ny.

The com­pa­ny’s line Min­is­ter, Mar­vin Gon­za­les, has or­dered an in­de­pen­dent in­ves­ti­ga­tion in­to the da­ta breach but that in­ves­ti­ga­tion has not yet be­gun.