The Trinidad and Tobago Chamber of Industry and Commerce is calling on companies who experienced a cyberattack to make it their duty to inform affected customers.
The chamber made the call yesterday, even as the Telecommunications Services of T&T (TSTT) was still probing the October 9 cyberattack that led to a data dump of its information on the dark web.
Initially, TSTT had said there was no compromise of customer data, although it had not corroborated information in the public domain purported to be customer information. Last Friday, however, it admitted that 6GB, or less than one per cent of the petabytes of the company’s data, was accessed.
In a statement yesterday, the T&T Chamber said events of this nature are expected to become even more commonplace and companies need to protect themselves from these attacks with the relevant software tools.
“It is an unfortunate reality that this will continue to be a part of our daily lives, but firms that experience a breach of security in this manner, must be made to inform those that can be affected by such an incident by the sharing of their data of the possibility of the extended effect,” the business group explained.
Also addressing the issue, Greater San Fernando Chamber of Commerce president Kiran Singh said the criminal act had sent serious alarm bells throughout the business community.
“What is the result of this breach? A nationwide shadow of doubt has now been cast on saving data electronically, because hackers have been able to access data belonging to innocent persons and companies on the dark web.
“This is the frightening reality that we must live with. Very confidential business information may have been compromised through this irresponsible act. Banks boast of hyper security but so did TSTT,” Singh lamented.
He said the data breach could not have happened at a worse time in this country’s development, as the many positive strides made in transitioning to the digital age have now been challenged.
He said the chamber supports Public Utilities Minister Marvin Gonzales’ call for an investigation into the breach, as it is quite clear laws have been broken.
“Where is the Cybercrime Unit of the TTPS? Unless immediate action is not taken to apprehend the hackers, confidence may be long in returning to the sharing of confidential information via the internet.
“We have no idea if this was done locally or if foreigners were involved. Businesspeople tend to be very private and will not volunteer publicly to admit if they were personally affected,” a concerned Singh added.
Expressing similar sentiments, the Confederation of Regional Business Chambers said the TSTT breach illustrates the danger of being lax with cybersecurity in a rapidly evolving business environment that is increasing its digital infrastructure.
The CRBC made a call for the company to notify businesses to let them know they are at risk and allow them to be vigilant and inform them how to downside risks.
“Saying less and doing less will not help the situation or mitigate the potential risks to individuals and corporate and commercial entities going forward,” the CRBC added.
Meanwhile, the Chaguanas Chamber of Commerce said given that TSTT stores information from a large percentage of the public, there exists some unease amongst the business community and private citizens.
“So far, we do not have any reports of this breach from members of the chamber. Based on the information provided, there appears to be a violation of customers’ private information,” it said.
“We are still unsure of the extent of the leak, as TSTT is still investigating. However, when the full investigation is complete, management needs to come clean and advise the public by providing full disclosure via the media.”
Furthermore, the chamber said the telecommunications company needs to advise whether they will be investing in software to reduce further risk of breaches of a similar nature.
