Colt confirmed that the customer data was stolen in the Warlock ransom Software attack: Documents are on sale in dark network

Colt Technology Services, a UK -based telecommunications and network services provider, confirmed that customer certificates were stolen for the first time after the recent cyber attack.

COLT's updated security announcement, "A criminal group has accessed some files from our systems. These files may have information about our customers. Document headings have been published in the dark network."

Warlock's claim

The Warlock ransom Software Group (Storm-2603), which is considered to be China-linked, put up 1 million documents on the Cyber ​​Crime Forum on the RAM for $ 200,000.

According to BleepingComputer's verification, Tox ID, which is included in the forum announcement, matches the identities used in Warlock's previous ransom notes.

About the Warlock Group

• He appeared in March 2025 and initially demanded ransom using Lockbit leak notes.
• In June, he announced his own brand under the name “Warlock Group ve and established special dark network sites.
• Previously, Babuk VMware Esxi made attacks using passwords and Lockbit leaks.
• In July, Microsoft announced that the group used SharePoint vulnerability to infiltrate corporate networks.
• Warlock's ransom demands vary from $ 450,000 to several million dollars.

Risk for customers

Although the details of the alleged documents are not explained, the financial and institutional information of Colt customers has a risk of third parties.

Kaynak: Beykozun Sesi