UK-based Colt Technology Services is battling the aftermath of a cyberattack that has disrupted multiple services for several days, including hosting and porting services, Colt Online, and its Voice API platform.
The company confirmed that the incident began on August 12 and continues to affect operations, with IT teams working around the clock to restore services.
Founded in 1992 as City of London Telecommunications (COLT) and acquired by Fidelity Investments in 2015, Colt is a major telecommunications and network services provider. It operates across 30 countries in Europe, Asia, and North America, managing 75,000 km of fiber networks and connecting 900 data centers worldwide.
Colt initially attributed the disruption to a “technical issue,” but later confirmed it as a cyber incident. To contain the attack, the company took several systems offline, including Colt Online and Voice API, which has hampered customer communication through online portals.
Clients are currently advised to reach out via email or phone, though Colt warns of slower response times. Importantly, Colt emphasized that the incident affects support services only and that core customer network infrastructure remains unaffected.
The company has notified authorities but has not yet shared details about the perpetrators or attack method. There is no timeline for full service restoration.
A threat actor under the alias “cnkjasdfgd”, claiming to be a member of the WarLock ransomware group, has taken credit for the attack. The actor is allegedly selling one million stolen documents for $200,000, with samples published as proof.
The leaked files reportedly contain:
* Financial and executive data
* Employee and customer records
* Internal emails
* Software development documentation
Security researcher Kevin Beaumont suggests that the attackers likely exploited CVE-2025-53770, a critical remote code execution vulnerability in Microsoft SharePoint.
This flaw had been actively exploited as a zero-day since July 18 before Microsoft patched it on July 21. According to Beaumont, the hackers may have exfiltrated hundreds of gigabytes of sensitive customer data and internal documentation.
In a statement to BleepingComputer, a Colt spokesperson said:
“We’re aware of claims regarding the cyber incident. We are currently investigating these claims. Our technical team is focused on restoring the internal systems impacted by the cyber incident and is working closely with third-party cyber experts. We are grateful for our customers’ understanding as we work towards a resolution.”
