TSTT Ransomware Attack - Customer data on dark web

[bluefete]

Oui Foote!!!!! Now I understand why Gonzales called for an independent inquiry. AHAHAHAAAAAAAAAAAAAAAAAAAAAAAA

Rowley’s data leaked in cyberattack

Prime Minister Dr Keith Rowley’s identification card number, his driver’s permit number and his passport number have been found to be compromised in TSTT’s data breach.

The Excel document also has his birth date and a PO box address for him as Prime Minister.

https://guardian.co.tt/news/rowleys-dat ... df046dae28

[pugboy]

so does the info have the telephone numbers associated with the account id/dp info leaked ?

ppl deputy and ting numbers might be public

[pugboy]

calling for an inquiry is pointless, won’t fix or resolve anything

classic knee jerk reaction to say they doing something ie pass the buck

[Dohplaydat]

NGL this data breach is a huge firetruck up by TSTT.

Imagine i hear TSTT executives saying is no big deal and this info available in white pages already.

Yup, shows the lack of knowledge and awareness of TSTT leadership.

[xtech]

why would somebody hard code in a username/password

U serious?

When you reset your router after you forget your credentials.
What are the the default username and password?… you can also find that info in simple google search or the user manual if you you forgot those as well. Thank goodness the router defaults to the hard coded credentials huh.

About 10 years ago I used to setup private hidden wifi hotspots in tstt devices all over the country so I could get wifi data while I drove around. Because I had admin credentials. I could have been more malicious if I wanted to but all I wanted was Internet access to get my work done. So imagine now that this info is out in the public not everyone will think like me.

[death365]

i on ..... my id an dp too ... along with current non bmobile number

[aaron17]

He still fed up?

Rowley’s data leaked in cyberattack
https://guardian.co.tt/news/rowleys-data-leaked-in-cyberattack-6.2.1844992.df046dae28

[The_Honourable]

Are you in the TSTT data dump? Find out here…

By Mark Lyndersay - November 6, 2023

Quantum-Chaos, a technology solutions company based in Delaware with operations in the Caribbean has created a website that searches the TSTT data dump on the dark web and allows a user to find out if their name is in the information archive posted there.

https://datatrace.quantum-chaos.com/

The company has used Optical Character Recognition (OCR) on scanned information and indexed the four million record customer database to provide a resource that users on the open internet can use to discover if their names or other information are in these documents.

Searches do not access the actual data and only provide a count of instances of the search term.

The deep web is not searchable and most websites there are not indexed the way that the open internet is.cec

Please note that this search option is not perfect. Some professionals who have found their information in the data dump have not found it using the search. If you get a negative result, it may still be possible that your information is there.

https://technewstt.com/are-you-in-the-tstt-data-dump/

[redmanjp]

I already get a IRS scam sms from a +44 number this morning so it could be very well from this breach.

Edit - I was now going to post about that search option. My info not in the dump according to that search but could be somewhere else that wasn't made public.

[maj. tom]

That search does not work so don't think you're safe. It cannot find any string at all.

[Dohplaydat]

I already get a IRS scam sms from a +44 number this morning so it could be very well from this breach.

Edit - I was now going to post about that search option. My info not in the dump according to that search but could be somewhere else that wasn't made public.

+44 is UK's area code though, but yes your number is now out there open to scammers.

[otonielroberto]

IHVethEdaTa
cAnNNnOTposTiTHeREIlLegAl

ITIsALlllTHAtHEinvESigTaGTORSSAY
AlLpassWrDZZanDadmiNIsTatror4tssTT
TROUBLeDANGeRRuOUS

ACCoUntnUMBEr namE ADDrEss WoRkplaCe job TiTLE IdcArDNUMBeR DaTeoFBIRtH sIMCArdNumBEr imEi imiS goVErNMenT LIStS CaNNOtSHaReSORrY

PrOoF
heAders


BAN,accountName,spid,role,TYPE,groupType,systemType,state,registrationStatus,writtenOff,promiseToPayDate,promiseToPayStartDate,currentNumPTPTransitions,ptpTermsTightened,vpnMSISDN,ownerMSISDN,parentBAN,responsibleBAN,firstName,lastName,accountMgr,debtCollectionAgencyId,lastModified,lastStateChangeDate,lastLoDGenerationDate,responsible,totalNumOfSubscriptions,vpn,icm,greeting,creditCategory,originalCreditCategory,dealerCode,discountClass,taxAuthority,TaxExemption,TEIC,language,currency,billCycleID,paymentPlan,paymentPlanAmount,paymentPlanStartDate,paymentPlanCurrCount,paymentPlanInstallmentsCharged,paymentPlanMonthlyAmount,billingMsgPreference,billingMessage,paymentMethodType,paymentMethod,CREDITCARDNUMBER,pMethodCardTypeId,expiryDate,holderName,debitBankTransit,pMethodBankID,debitAccountNumber,maxDebitAmount,subscriberSegment,billingAddress1,invoiceDeliveryOption,category,contactName,profileAttachmentKey,companyName,nextSubscriberId,inCollectionDate,bankID,contract,contractStartDate,contractEndDate,useIfNoSubCreditInfo,createAccountReason,oldBAN,lastInvoiceDunnedDueDate


goOdbYE

[ProtonPowder]

is all the credit card details he say inno

[paid_influencer]

",CREDITCARDNUMBER,"

why is this not in camel case

everything else is in camel case

[VexXx Dogg]

IHVethEdaTa
cAnNNnOTposTiTHeREIlLegAl

ITIsALlllTHAtHEinvESigTaGTORSSAY
AlLpassWrDZZanDadmiNIsTatror4tssTT
TROUBLeDANGeRRuOUS

ACCoUntnUMBEr namE ADDrEss WoRkplaCe job TiTLE IdcArDNUMBeR DaTeoFBIRtH sIMCArdNumBEr imEi imiS goVErNMenT LIStS CaNNOtSHaReSORrY

PrOoF
heAders


BAN,accountName,spid,role,TYPE,groupType,systemType,state,registrationStatus,writtenOff,promiseToPayDate,promiseToPayStartDate,currentNumPTPTransitions,ptpTermsTightened,vpnMSISDN,ownerMSISDN,parentBAN,responsibleBAN,firstName,lastName,accountMgr,debtCollectionAgencyId,lastModified,lastStateChangeDate,lastLoDGenerationDate,responsible,totalNumOfSubscriptions,vpn,icm,greeting,creditCategory,originalCreditCategory,dealerCode,discountClass,taxAuthority,TaxExemption,TEIC,language,currency,billCycleID,paymentPlan,paymentPlanAmount,paymentPlanStartDate,paymentPlanCurrCount,paymentPlanInstallmentsCharged,paymentPlanMonthlyAmount,billingMsgPreference,billingMessage,paymentMethodType,paymentMethod,CREDITCARDNUMBER,pMethodCardTypeId,expiryDate,holderName,debitBankTransit,pMethodBankID,debitAccountNumber,maxDebitAmount,subscriberSegment,billingAddress1,invoiceDeliveryOption,category,contactName,profileAttachmentKey,companyName,nextSubscriberId,inCollectionDate,bankID,contract,contractStartDate,contractEndDate,useIfNoSubCreditInfo,createAccountReason,oldBAN,lastInvoiceDunnedDueDate


goOdbYE

dawg, everyone have the data.

[DMan7]

Look at peeeeple all of a sudden using the Tor web browser

[pugboy]

where the local site to scan it?

[death365]

Heh heh heh tru tha !!!

Hopefully at least ah 5% will see the true benefits of using it and continue

Look at peeeeple all of a sudden using the Tor web browser

[aaron17]

Are you in the TSTT data dump? Find out here…

By Mark Lyndersay - November 6, 2023

Quantum-Chaos, a technology solutions company based in Delaware with operations in the Caribbean has created a website that searches the TSTT data dump on the dark web and allows a user to find out if their name is in the information archive posted there.

https://datatrace.quantum-chaos.com/

The company has used Optical Character Recognition (OCR) on scanned information and indexed the four million record customer database to provide a resource that users on the open internet can use to discover if their names or other information are in these documents.

Searches do not access the actual data and only provide a count of instances of the search term.

The deep web is not searchable and most websites there are not indexed the way that the open internet is.cec

Please note that this search option is not perfect. Some professionals who have found their information in the data dump have not found it using the search. If you get a negative result, it may still be possible that your information is there.

https://technewstt.com/are-you-in-the-tstt-data-dump/

I found five items contained Keith Rowley.

[pugboy]

marvy saying the keith rowlee records in the wild aren’t we pm, so must fake or somebody else with same name
man implying data neither here nor there yes

[maj. tom]

Kamla should print out that page from the txt file and present it in Parliament. Unlike the infamous Rowley emails, this one is actually real.

He is lying btw.

[Mmoney607]

So they don't have his name a Keith "Christopher" Rowley in the database

[stev]

ah wonder how TSTT + Fortinet partnership going?

I wouldn't lie eh....Fortinet does sell real dreams.

[DMan7]

Fortinet supposed to be top of the line security systems considering you have to do a comprehensive course overseas (they don't offer it here in T&T) in order to be qualified to administer their systems.

[stev]

Supposed to be but without a cybersecurity framework and staff to enforce it...it's basically a fig tree in a hurricane.

I'm 100% sure their internal ICT governance is garbage....the staff that manage that aspect of the company were probably retrenched.

The leaked data is old of course but even in 2014, why do you still have unencrypted soft copy passwords....in word docs and text files. Them thing hadda be hard copy and vaulted.

[maj. tom]

I sure they have passwords like 12345678, pa$$word and Cisco123 in Word documents.

[stev]

I sure they have passwords like 12345678, pa$$word and Cisco123 in Word documents.

Passw0rd123!
tstt123!
tsttcic! (username cicadmin )
admin123!

that's some of the funny ones I saw....now I saw some pretty good passwords I wouldn't lie...but is it good though if it's in a word document? lol

A lot of people downloaded the data but I hope they all did it on a machine with 'proper' security software....6 items were sandboxed then quarantined when I downloaded it. I had to download it because I was asked to do a risk assessment for the company I work for.

Poor overnight Tor users probably have dormant stuff on their machines and don't even know.

[pugboy]

this is the most important advice eh

I sure they have passwords like 12345678, pa$$word and Cisco123 in Word documents.

Passw0rd123!
tstt123!
tsttcic! (username cicadmin )
admin123!

that's some of the funny ones I saw....now I saw some pretty good passwords I wouldn't lie...but is it good though if it's in a word document? lol

A lot of people downloaded the data but I hope they all did it on a machine with 'proper' security software....6 items were sandboxed then quarantined when I downloaded it. I had to download it because I was asked to do a risk assessment for the company I work for.

Poor overnight Tor users probably have dormant stuff on their machines and don't even know.

[aaron17]

Image the whole of trinidad and tobago have to change their credit cards etc.....

[aaron17]

WELP!

Banking and credit card info in TSTT cybersecurity leak
https://guardian.co.tt/news/banking-and ... 0bc6cab040