BitDepthThe flagellation of TSTT

The flagellation of TSTT

Above: Fresco detail from Milan’s Certosa di Garegnano. Image by clodio/DepositPhotos

BitDepth#1433 for November 30, 2023

Now that the furore, at least in the media, about the TSTT hack has largely subsided, perhaps it’s time to think about why the incident loomed so large in the public consciousness.

It can’t be just the fact of the data breach. There were breaches before and breaches right after that didn’t raise that level of alarm.

Eighteen days after the story broke, TSTT CEO Lisa Agard was reported, in the words of a company press release to have “departed.”

Placed in an acting role is Kent Western, abruptly promoted from the post of General Manager, Customer Experience and Marketing, who must now make sense of the situation.

What went wrong, or was so dramatically different from previous data breaches?

The data went public

TSTT chose to downplay the significance of the breach by declaring the 6GB data haul to be insignificant compared to the terabytes of data it manages daily.

But the size of the data exfiltrated in the breach made accessing and working with it possible for even casual users.

Unfortunately, the stolen files were not encrypted. Encryption makes data unreadable without a password and protects with varying levels of complexity.

The size of some of the exfiltrated files and nature of the data encoding, designed to be read by an Oracle database, meant that it was impossible to review the largest files in their entirety using commonly available tools, but there was enough there to send ordinary citizens into a tizzic.

The small size of the files also allowed them to be widely distributed after they eventually were downloaded from the dark web and posted to open internet file sharing sites and that brought further inspection, some of it admittedly both hysterical and ill-advised.

The departed: TSTT’s former CEO, Lisa Agard.

The communication was a hot mess

Even in her final public communication in a full page press statement, TSTT’s CEO seemed to be blaming the poor messaging on everyone except herself.

It’s hard to imagine Agard, a lawyer, allowing any statement from the company to be sent if it did not have her unequivocal approval and what she approved was dense with legal caveats, evasiveness and misdirection.

The releases on October 30 and November 05 were not communication with anxious customers. They were a clumsy attempt to change the conversation, but nobody had time for that.

When news broke just seven days later that a 2021 data breach of Digicel Group data had been found by Jamaican cybersecurity investigators, two things stopped that news from commanding headlines.

Digicel could point to a press release disclosing what had happened days after the data went live and at 164.55GB, it was impenetrably encoded for distribution. The file was archived on the dark web in 337 segments, each 500MB in size.

All of the archive segments had to be downloaded and then reassembled for access. A daunting task at best.

Misunderstanding the stakeholders

TSTT’s communications during the heat of the incident first denied any impact for its customers, then sought to downplay potential exposure.

While the mass release of the personally identifiable information (PII) of hundreds of thousands of customers was troubling enough, the company appeared to forget that the 51 per cent share held by the government is actually being held on behalf of the 1.4 million citizens of Trinidad and Tobago.

Everyone had a stake in this.

Multinational companies like the Irish-owned Digicel and the US-owned Liberty Global (Flow, Columbus) have substantial outposts in the Caribbean, but TSTT’S navel string is buried here.

So customers were disappointed, citizens were uneasy and trust in the company was unnecessarily shaken.

It was worse than an own goal. The TSTT team just kept on firing shots at their nonplussed goalie. It couldn’t have been a good week to be Khamal Georges.

What is TSTT?

TSTT CEO (ag) Kent Western

The Public Utilities Minister declared himself pleased with Kent Western after they met last week, declaring that the ministry and the telecommunications company were now on “the same page.”

The minister seems to think TSTT is another state company over which he needs to exercise greater control. Given that the other state companies that he has dominion over generate staggering losses that doesn’t seem to be a positive development.

That’s probably not good news for anyone. TSTT is supposed to be a business, but nobody is interested in the dormant 49 per cent shareholding held by Liberty Global.

TSTT’s inability to explain itself over a fortnight of media scrutiny does not speak of a company operating with clear directives or oversight.

Implying that Lisa Agard’s departure heralds a new day is misleading and more state intervention is unlikely to improve that situation.

Social permission and the data center

Social permission and the data center

Generating equipment would have to be designed for the sea-salt laden air found even inland on an island.
Read More
Support us

Support us

Donate to support our work.
Read More
Brightstar Lottery launches 6th Annual Coding & Robotics Rock! Camp

Brightstar Lottery launches 6th Annual Coding & Robotics Rock! Camp

We want students in Trinidad and Tobago to understand these technologies from the inside, as innovators and problem-solvers.
Read More
How should business and government embrace AI?

How should business and government embrace AI?

"Very few people in the world can quantify the fiscal value of AI." - Anton Alexander
Read More
A request of readers

A request of readers

This is what's been happening since Newsday went away.
Read More
The data privacy issues in TT’s national ID platform

The data privacy issues in TT’s national ID platform

A country building a biometric database with no enforceable data-protection law is a live risk in the abstract.
Read More
Digicel, LoopUp partner to bring Microsoft Teams telephony to the Caribbean

Digicel, LoopUp partner to bring Microsoft Teams telephony to the Caribbean

By partnering with LoopUp, we can give our enterprise customers a seamless, fully managed Teams telephony experience
Read More
iVote Live launches with a focus on improved governance for organisations

iVote Live launches with a focus on improved governance for organisations

"A platform does not automatically create good governance. A digital vote does not automatically create democracy."
Read More
Maximize online impact with content that connects

Maximize online impact with content that connects

Staying visible online is hard when daily demands compete with the pressure to post often, stay on-brand, and still sound human
Read More
How influencer marketing works in the Caribbean

How influencer marketing works in the Caribbean

You have to really trust in this influencer to represent your brand, to be an advocate, to be the voice of your brand.
Read More
Your children: More device use means more cyber risk

Your children: More device use means more cyber risk

Shared family devices are often overlooked in terms of software updates and become gateways for cybercriminals.
Read More
CIBC Caribbean cards can now be added to Google Wallets

CIBC Caribbean cards can now be added to Google Wallets

Clients will be able to store Visa and Mastercard Credit Cards and Visa Debit Cards within Google Wallet, a digital wallet that's also launching in these markets.
Read More
Samsung Electronics expands water replenisment in 2026 Sustainability Report

Samsung Electronics expands water replenisment in 2026 Sustainability Report

Across its supply chain, Samsung expanded the scope of third-party audits to include 122 first-tier suppliers and 39 second-tier suppliers.
Read More
Social permission and the data center Social permission and the data center
Support us Support us
Brightstar Lottery launches 6th Annual Coding & Robotics Rock! Camp Brightstar Lottery launches 6th Annual Coding...
How should business and government embrace AI? How should business and government embrace...
A request of readers A request of readers
The data privacy issues in TT’s national ID platform The data privacy issues in TT’s...
Digicel, LoopUp partner to bring Microsoft Teams telephony to the Caribbean Digicel, LoopUp partner to bring Microsoft...
iVote Live launches with a focus on improved governance for organisations iVote Live launches with a focus...
Maximize online impact with content that connects Maximize online impact with content that...
How influencer marketing works in the Caribbean How influencer marketing works in the...
Your children: More device use means more cyber risk Your children: More device use means...
CIBC Caribbean cards can now be added to Google Wallets CIBC Caribbean cards can now be...
Samsung Electronics expands water replenisment in 2026 Sustainability Report Samsung Electronics expands water replenisment in...

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

RELATED POSTS