Senior Political Reporter
Public Utilities Minister Marvin Gonzales says he has information on the cyberattack on TSTT, and information being “leaked” which refers to one “Keith Rowley”, is not that of Prime Minister Dr Keith Rowley.
And at this point, no report confirms that the personal information of MPs has been affected by the data breach, Gonzales stressed.
Gonzales revealed this yesterday in the Senate while replying to questions from UNC Senator Jearlean John. She had asked, given recent reports that the Prime Minister’s private information has been leaked due to the cyberattack on TSTT, if any other Cabinet minister, MP or senator had been affected.
Gonzales said the Government has mandated TSTT’s board to conduct a thorough and independent investigation into the October 8 cyberattack.
“I’m advised that the board has already taken steps towards facilitating the commencement of this probe,” Gonzales said.
“Additionally, TSTT is still in the process of evaluating all aspects of the attack, including the validation of all reported information in the public domain ie, the personal data of all our citizens, inclusive of members of Cabinet and parliamentarians. At this point in time, I do not have any report before me that confirms that the personal information of Members of Parliament has been affected by this data breach.
“However, as the results of the investigation become available, I will be in a position to provide further clarity on this ongoing situation. This situation remains of significant concern to the Government and all resources are being made available to address this problem.”
John asked what are TSTT’s plans to inform customers individually if their data had been compromised, as this can lead to issues.
Gonzales said, “That’s the reason we asked for an independent investigation into this matter. (John’s) question is premised on information pertaining to the Honourable Prime Minister being ‘leaked’ in the public domain. I have information that the report in (Monday’s) Guardian that refers to one ‘Keith Rowley’ is not that of the Honourable Prime Minister and that is the reason why this matter warrants an independent and thorough investigation so we can truthfully report to the public on this very critical issue.”
Contacted via WhatsApp on who the “Keith Rowley” referred to in the matter really was, Gonzales said it was a Keith Rowley of Woodbrook. He gave no further information.
TSTT CEO, Bankers' Association must explain–Rudy
Yesterday UNC MP Rudy Indarsingh called on TSTT to say whether its servers were infiltrated with the RansomEXX Hack six months ago. He also called on the Bankers’ Association to say if any credit cards were affected.
He said he had been inundated by calls from Couva South constituents concerned about whether their personal data was compromised and stolen. He called on TSTT to inform affected customers of the extent of damage done, possible implications and possible remedial action.
Indarsingh said initially TSTT indicated that credit card information was not stolen. However, he said initially, TSTT described the attack as an attempt. “We therefore cannot trust TSTT’s word or Minister Marvin Gonzales who also initially denied any attack against TSTT, then changed his tune.
“TSTT must also advise whether it’s true the RansomEXX group infiltrated its servers six months ago. If true, then it makes the non-reporting of this a great concern, whereby this non-reporting could have been due to TSTT’s cyber software being inadequate or TSTT management trying to keep this matter under the carpet.”
Indarsingh added, “One wonders whether the cyber security arrangements have been compromised due to the layoffs of hundreds of TSTT workers over the past three years. One also wonders whether this attack could have been arranged as a reprisal for employees laid off ... “
Indarsingh called on Gonzales and TSTT Chief Executive Officer Lisa Agard to confirm
whether TSTT’s cyber security monitoring is being done by one person, adding there must be accountability from Agard on how and why the breach was not made public.
