Original article ISPreview UK:Read More

Business communications and internet provider Colt Technology Services (COLT) has provided an update after hackers breached their business support systems late last week, which resulted in the provider choosing to proactively take some systems offline. Work to restore the service remains ongoing, but sadly it is now known that a data breach has occurred.

The situation, which has also had knock-on impacts for other telecoms and networking providers across the UK and other countries, originally started on the morning of 12th August 2025 after hackers (allegedly a ransomware gang) breached some of Colt’s internal business support systems – said to be “separate from our customers’ infrastructure“.

The attackers are speculated to have entered through the sharehelp.colt.net server via as recently identified vulnerability in Microsoft’s SharePoint content management and collaboration platform (CVE-2025-53770), which has been given a critical vulnerability score of 9.8 out of 10. But this has not yet been officially confirmed by Colt.

In response, after detecting unusual activity on their business support systems, Colt decided to take some of their key systems offline (e.g. customer portal, NaaS portal, Voice/number API platform) and has been trying to safely recover everything since then. The situation is also disrupting the ordering and delivery of new services, while customer support has suffered after other “automated processes and systems” were also taken offline.

Sadly, it’s since come to light that “some data has been taken” by hackers (including customer data), although the official Cyber Incident page on Colt’s website remains rather vague on the detail.

Colt’s Latest Statement to Customers

We are writing to provide an update on the cyber incident that has affected our business support systems (BSS).

We are now aware that the threat actor has accessed certain files that may contain data related to our customers and posted the document titles on the dark web. Our immediate priority is to determine the precise nature of the files and what information they contain.

We have notified the relevant regulators and authorities, and we continue to work closely with law enforcement agencies as part of our investigation. We are leveraging all available resources to understand the scope and nature of the data breach and to recover the files as a matter of urgency. This is a complex investigation, and we are making progress.

We want to reassure you that this cyber incident is limited to our business support systems, which are separated from our customer infrastructure.

We are committed to sharing relevant details with you as our investigation progresses. Our dedicated incident response team, including external investigators and forensic experts, continue to work 24/7 on the investigation and recovery.

We will contact customers directly where we have specific knowledge of file names accessed.

We have set up a dedicated telephone line to help answer any questions you may have – this will be available from midday BST on Monday 18th August – local free of charge numbers can be found on the website URL below.

You can follow live information on a customer-only page, which can be found at https://www.colt.net/go/it-incident/

If you have any immediate questions, please get in touch with us at customerinformation@colt.net and we will respond as quickly as possible.

We sincerely apologise for any inconvenience this may cause. We greatly appreciate your patience, understanding and ongoing co-operation.

Yours sincerely,

Annette Murphy

Chief Commercial Officer, Colt Technology Services

The most recent service status update, which was posted at 5:45pm yesterday, noted that Colt’s teams “continue to work 24/7 to restore the internal systems affected by the recent cyber incident. We understand how frustrating it is not to have access to some of our support services such as Colt Online and our Voice API platform, and we’re very sorry for this. We appreciate your continued patience and understanding.”

Meanwhile, there are reports (ITPro.) that the cyber gang involved have begun trying to sell millions of related documents online, which are said to cover everything from employee salary and financial data to customer contract data, network details and software development details etc. Several hundred GigaBytes of information is allegedly being offered.

Original article ISPreview UK:Read More

Mobile operator O2 (Virgin Media) has confirmed that they’re currently in the process of “enhancing” their Pay As You Go (PAYG) SIM services and plans during the second half of 2025, which among other things seem to be finally adding support for their latest 5G (mobile broadband) network.

At present O2’s PAYG page still doesn’t make any mention of 5G support and until recently their related FAQ section continued to state that PAYG plans didn’t support it (despite last year’s confusion). But this started to change in July 2025 after a number of PAYG customers began to notice that the 5G icon was popping up, for the first time, on their phones.

Readers of ISPreview will know that there’s often a big difference between seeing the 5G icon and actually getting a true 5G connection on your device (sometimes 5G is still a 4G service), so such things do have to be taken with a pinch of salt until confirmed. But the good news is that O2 has now confirmed the change to be true (credits to Jonathan Jeffrey Cox for spotting).

O2 Support Statement

Just to clear any confusion, we are currently enhancing our Pay & Go connectivity during the 2nd half of this year and customers will start to receive 5G services as their Pay & Go Bundle allowances refresh.

If you’re not currently on a Bundled product you will receive 5G service over the coming months.

Our online pages/FAQs will be updated to reflect this in due course.

The news will no doubt be welcomed by those on O2’s PAYG plans, particularly given that the lack of 5G support has often caused a few grumbles. But we should add that there’s currently no mention of whether this also extends to include the latest end-to-end 5G Standalone (5GSA) network technology, but we will be asking that question today and will report back.

Original article ISPreview UK:Read More

UK ISP TalkTalk has today announced the launch of a new “HomeMove Squad“, which as the name suggests reflects a dedicated team of “Wi-Fi moving experts” that can provide a single point of contact, simplifying the process of transferring services and ensuring customers are connected from day one in their new home.

According to a new online survey of 2,000 UK adults who have moved home and have Wi-Fi, which was conducted during late July 2025 and commissioned by Axicom on behalf of TalkTalk, some two-thirds of home movers allegedly consider that not having Wi-Fi on Day One of their move is considered the most stressful part of the entire process.

The average home mover also faces six days without internet after moving into their new home, and 26% say they endure over a week in the digital dark – highlighting the need to plan their Wi-Fi switch before they move. In addition, 73% of home movers now view Wi-Fi as a fundamental utility they expect to ‘just work’ (we assume they mean ‘broadband’) and this digital downtime prevents 30% from fully setting into their new homes.

On top of that, the survey claims that 23% of respondents “mistakenly” believe their internet connection will automatically transfer to their new address (this does in fact vary depending on network, location and ISP choice etc.), while 17% expect the setup to take only a few hours.

Neil Smith, Chief Operating Officer at TalkTalk, said:

“Moving home is one of the most stressful things we do. It should be about new beginnings, not digital disruption, especially as eight in ten people say Wi-Fi makes a house a home.

We spotted an opportunity to go above and beyond for our customers by creating a HomeMove Squad who manage the process from start to finish, helping alleviate connectivity headaches during what we know is a stressful time.

We’re calling for people to prepare ahead of time and make sure they’re thinking about their Wi-Fi when making plans to move home. That way, we can make sure everything is up and running as early as possible.”

We’d generally agree with TalkTalk’s call for home movers to “pre-plan their Wi-Fi transfer ahead of time” (even though they should be talking about ‘broadband’), but such things are often easier said than done.

In reality, the rapid pace of property change can sometimes make it difficult to do time everything correctly and, strictly speaking, you shouldn’t be ordering a new broadband service until you’ve gained full legal control of the property. Likewise, there’s always the potential for a clash with an existing service that may not yet have been fully cancelled or ended, which is more likely to occur if the same underlying network is involved.

Finally, it’s worth noting that most of us no longer live in areas where the absence of a live fixed broadband service means no access to the internet. For example, 4G/5G based mobile broadband services and other solutions (e.g. Starlink) often exist to act as an effective temporary remedy.

Original article ISPreview UK:Read More

Some customers of internet provider Earth Broadband (earth.) have recently established a Facebook based support group after they complained of having suffered a string of problems with billing errors, unexpected price rises and a lack of effective communication and customer support from the ISP.

Earth Broadband (earth.) itself is a relatively new provider, which first popped up on our radar in 2023 alongside a commitment to plant 500,000 trees and remove 100,000 pounds of plastic each month by 2025 (here) – based on the optimistic assumption of having gained 100,000 customers by that point. Speaking of which, on 4th Aug 2025, the provider reported that they’d so far helped to plant a total of 100,000 trees.

However, it recently began to become clear that all may not be well with the ISP, which was reflected through a sharp rise in complaints about the service that has been seen across social media, review sites and now the Facebook based Earth Broadband Issues support group.

Most of the complaints highlight a lack of response to support requests and billing errors (e.g. duplicate payments), some of which seem to flow from a sudden mid-contract price increase notification that, for some people, popped up with only a few days of notice (considerably less than the 30-day period outlined in their own T&Cs). Not to mention that this was for a provider that had previously pledged not to do mid-contract price hikes.

Sample Customer Complaint 1 (Shannon)

“We signed up via Uswitch after Earth Broadband advertised on multiple platforms with the promise of “no mid-contract price rises”. On 12th August, we received an email informing us of a price increase with only 3 days’ notice (their own website T&Cs say 30 days).

The payment they attempted to take was a duplicate, as we had already paid for August. We cancelled it via our bank after Earth Broadband shut down all communications (live chat and phone lines closed, no email responses).

While checking whether they were allowed to raise the price, we realised we had never received any contract or T&Cs from them. According to Ofcom, this is a breach, as providers must give customers full contract details in a durable format before consent.”

Sample Customer Complaint 2 (Sonya)

“We are in the same position as everyone else. Reported them to OFCOM and Watchdog. Have sent multiple emails etc and no response. I have cancelled my direct debit and the bank have blocked them from setting up any further direct debits, which they are fond of doing. They have breached their contract therefore we are within our legal rights to cancel. As they are unable to respond to any emails other than Trustpilot reviews I have also sent them a letter recorded delivery that confirms they’re in breach of contract and I will be terminating our contract with immediate effect. Also I took a look on Companies House where I found they took out a loan end of July for £111,000 … They are fond of threatening third party collection agencies”

Sample Customer Complaint 3 (Lynn)

“Yes, unfortunately I am another victim of earth broadband.

An additional and increased charge has been taken from my account and like most others I have been unable to contact anyone either via email, phone or web chat.

The only response I had was from the elusive Riley who has never replied to further emails I have sent.”

Feedback on the same group, which came from somebody (James Benton) claiming to be a member of the Operations team at Earth Broadband, yesterday indicated that a “mistake was made by a third-party development team after instructions from management about a price increase“. In other words, the price increase notification was correct, but it was sent out in error (too early) and thus without advanced notice.

James added: “Unfortunately, it reached the point where we were selling broadband at a loss, so a price increase became necessary to ensure the company’s long-term future. Customers should have received advance notice, but the change was applied immediately in error. This meant some customers were charged twice and faced an immediate price increase that should never have happened.”

In addition, James also apologised for the fact that some customers had “received automated emails about debt collection or direct debits being reinstated“, which they’re now working to correct and have pledged to refund “any customers who have paid twice“. The provider has also promised to “pause the price increase for six months for customers who wish to stay” and added that those who wish to cancel because of the change are “free to leave” without penalty. Naturally, we sought a comment of our own on the issues.

Luke Chapman, CEO of Earth Broadband, told ISPreview:

“We’re aware of a billing issue that has affected some customers. Our team are working hard to resolve this error.

Our team introduced a new feature to support price increases and an error was made which resulted in some customers being charged.

Customers are receiving refunds and we’re working hard to rebuild their trust.”

Overall, we do have to give some credit to Earth Broadband above, which seems to be taking the ‘honesty is the best policy‘ style approach in their response; we don’t often see that from ISPs in today’s market and it’s very welcome. On the other hand, those who have been overcharged, sometimes significantly, and threatened with debt collectors, will naturally want to see everything settled before they consider forgiveness.

A quick look at Earth Broadband’s latest micro accounts shows that the company’s total assets less current liabilities stood at -£111k for the year ended 30th April 2024, which compares with the -£75k reported in the prior year. The provider also had 3 employees (including directors), which is down from 4 in the prior year.

Original article Total Telecom:Read More

News

Attackers reportedly hacked into an order management system from TPG’s subsidiary, the broadband provider iiNet

Australia’s TPG has become the latest telco to suffer a major cybersecurity breach this weekend, with data having been exfiltrated from its ISP subsidiary, iiNet.

The breach occurred on August 16, where reports suggest it was quickly detected and contained. Nonetheless, the attack reportedly compromised around 280,000 active email addresses; 20,000 active landline phone numbers; 10,000 iiNet customer names, street addresses, and phone numbers; and 1,700 modem setup passwords.

“We unreservedly apologise to our iiNet customers impacted by this incident,” TPG said in a statement to the Australian Securities Exchange. “We will be taking immediate steps to contact impacted iiNet customers, advise of any actions they should take and offer our assistance. We will also contact all non-impacted iiNet customers to confirm they have not been affected.”

No sensitive customer information, like bank details or personal identity documents, was impacted by the breach, as this data was not stored in the iiNet order management system.

“We do not currently have any evidence to suggest an impact to our broader systems or other customers,” TPG said.

TPG says it is working closely with the Australian Cyber Security Centre, National Office of Cyber Security, Australian Signals Directorate, and the Office of the Australian Information Commissioner to better understand the breach and take appropriate action.

Investigations into how the attackers gained access to these systems are underway, with early indications suggesting that account credentials had been stolen from an employee.

The first half of this decade has not been kind to TPG when it comes to cybersecurity. The company’s Hosted Exchange service, which provides email hosting for iiNet and Westnet business customers, was notably hacked at the end of 2022, impacting around 15,000 business customers. The attackers appeared to be accessing customers’ cryptocurrency and financial information.

Investigations into this attack are still ongoing.

Both attacks combined, however, still pale in comparison to that experienced by TPG’s rival Optus in 2022, when bad actors gained access to the data of up to 10 million of the company’s current and former customers. Illegally obtained information included customers’ names, dates of birth, home addresses, and more.

While a ransom of $1.5 million was initially demanded for the return of the data, the attacker ultimately backed down, allegedly deleting the stolen data due to the unwanted attention it garnered from law enforcement.

Keep up with all the latest telecoms news with the Total Telecom newsletter

Also in the news:
US judge rules Huawei must face charges of fraud and racketeering
Optus ditches football rights to focus on telecoms
Nokia launches digital twin platform Enscryb to digitalise energy sector

Original article ISPreview UK:Read More

Customers of broadband ISP Virgin Media (O2) may like to know that the provider will shortly begin rolling out a new firmware update for their TV 360 and STREAM platforms (set-top-boxes), which is expected to introduce a number of new features (e.g. enhanced search functionality that will use image tiles instead of a text heavy display).

The planned development was first mentioned in a newsletter that was issued to some of the providers customers, although this wrongly gave the impression that the rollout had begun when in fact that is not the case. ISPreview understands that the deployment of their new OS software is instead due to begin within the coming weeks, but we don’t yet have a precise date.

Virgin Media has declined to provide any further details on the rollout and its features until it goes live, so expect another update in the near future once that happens.

Original article Total Telecom:Read More

News

The operators had a duty to ensure customer data was not misused by third parties, the judges reiterated

This week, the U.S. District Court of Appeals for the District of Columbia has sided with the Federal Communications Commission (FCC), upholding a fine against T-Mobile for illegally selling customer location information (CLI).

The ruling relates to an FCC decision last year, which saw the regulator issue fines totalling almost $200 million to T-Mobile, AT&T, and Verizon for sharing customer data to ‘aggregators’ without prior consent. These data aggregators, such a LocationSmart and Zumigo, then resold or syndicated this data to third parties.

At the time, the FCC summarised its findings by saying the carriers had failed to take “reasonable measures” to protect their customers’ data from unauthorised use.

“The FCC Enforcement Bureau investigations of the four carriers found that each carrier sold access to its customers’ location information to “aggregators,” who then resold access to such information to third-party location-based service providers,” explained the FCC in its findings. “In doing so, each carrier attempted to offload its obligations to obtain customer consent onto downstream recipients of location information, which in many instances meant that no valid customer consent was obtained. This initial failure was compounded when, after becoming aware that their safeguards were ineffective, the carriers continued to sell access to location information without taking reasonable measures to protect it from unauthorized access.”

The regulator was first made aware that the mobile network operators were sharing location data to these aggregators in 2018. Fines were first proposed in 2020, but disagreements within the Commission led to delays in their implementation until 2024.

T-Mobile faced the lion’s share of the fines, with the FCC ordering it to pay roughly $80 million, plus a further $12 million on behalf of Sprint, with whom they merged in 2020. AT&T and Verizon were fined $57 million and $47 million, respectively.

All three of the operators have contested the ruling, arguing that the sales did not break the law and that the FCC did not have the authority to impose such penalties. AT&T’s fine was ultimately overturned in April, in part due to the process denying the operator the option of a jury trial.

T-Mobile’s appeal, however, has been less fruitful, with court judges rejecting the company’s calls to overturn or reduce the fines.

“[T-Mobile and Sprint] argue that the undisputed facts do not amount to a violation of the law,” U.S. District Court Judge Florence Pan  wrote in the court’s opinion. “The carriers also argue that the commission misinterpreted the Communications Act, miscalculated the penalties and violated the Seventh Amendment by not affording them a jury trial. Because the carriers’ arguments lack merit, we deny the petitions for review.”

In addition, the judges claimed that the operators continued to sell CLI, even after becoming aware of its misuse.

“Several bad actors abused Sprint and T-Mobile’s programs to illicitly access CLI without the customers’ knowledge, let alone consent. And even after Sprint and T-Mobile became aware of those abuses, they continued to sell CLI for some time without adopting new safeguards,” said the judges in their ruling.

T-Mobile has not yet indicated whether it will continue to appeal the decision.

With AT&T’s fine overturned and T-Mobile’s now upheld, eyes will now turn to Verizon, which is currently contesting its $47 million fine in a separate court.

Keep up with all the latest telecoms news with the Total Telecom newsletter

Also in the news:
US judge rules Huawei must face charges of fraud and racketeering
Optus ditches football rights to focus on telecoms
Nokia launches digital twin platform Enscryb to digitalise energy sector

Original article ISPreview UK:Read More

Mobile network operator O2 (Virgin Media) and partner Freshwave have today revealed that they’re in the process of upgrading their 4G and 5G mobile (mobile broadband) network for visitors to 22 Haven holiday parks across the UK “ahead of a summer of staycations“. We’ll overlook that it’s already the latter half of summer and the deployment won’t finish until 2026.

Freshwave typically deploys small cell style solutions, which are akin to small shoebox sized mobile (radio) base stations that are designed to deliver limited coverage (usually up to around 100 metres) and thus tend to be more focused on busy areas and specific sites – it’s not uncommon to find these sitting on top of lampposts, CCTV poles or old payphone cubicles (more cost-effective than building new street assets).

Four sites have already gone live with improved 5G, with more expected to follow this summer and during early 2026. The first upgraded sites include Thornwick Bay Holiday Park in Yorkshire and Skegness Holiday Park in Lincolnshire, but a full list wasn’t available.

James Bromley, Chief Product and Technology Officer at Haven, said:

“We’re delighted to be working with O2 and Freshwave to bring enhanced mobile connectivity to our parks. Our guests and owners expect to stay connected, whether it’s sharing memories, streaming entertainment, or working remotely. I’m delighted that our investment in our parks has attracted O2 to ensure we’re delivering the best possible experience for families choosing to holiday or own at our parks.”

The upgrades form part of O2’s wider Mobile Transformation Plan, which is investing around £700m this year into their national mobile network – “ensuring it is fit for the future and can keep up with increasing customer demand“. Naturally, we’d hope that EE are also working to deliver strong signals and performance across the same parks, while Vodafone did something similar last year (here).

Original article ISPreview UK:Read More

A new survey of 200 “senior telecom decision-makers” from the USA, UK, and Australia, which was conducted by network technology firm RtBrick, has claimed that broadband ISP and mobile operators are at risk of being “overwhelmed by the demands of AI and streaming bandwidth” in the next 5 years – around 80% of respondents expect it to “crush” today’s networks.

According to RtBrick’s State of Disaggregation’ Report, the survey finds fault with people and processes. Top of the list is a lack of backing and appetite to change from leadership (93%); crippling complexity around operational transformation (42%) – ranging from redesigning architectures and workflows, to retooling how networks are monitored, automated, and supported – and a shortage of specialist skills/staff (38%) – necessary to design, deploy, and operate next-generation networks.

The result is said to be an “industry that knows what to do, has the budget to do it, yet struggles with execution“. At the same time, the data also appears to indicate that customer expectations may be “rising faster than the networks designed to meet them“.

The survey finds that almost 87% of respondents expect customers to demand significantly higher broadband speeds by 2030, while 79% believe those customers will pay more for it. But we have our doubts about the expectation vs reality of this. Multi-gigabit broadband speeds are already a thing in the UK for those covered by FTTP, and the vast majority would struggle to fully harness even 1Gbps, let alone several gigabits. On the other hand, marketing departments may well fuel a battle over the pursuit of ever-faster speeds, regardless of whether people can actually utilise it.

At the same time, aggressive competition in the UK is also keeping prices low, and we can’t currently see either AI or Streaming fuelling a massive increase in demand above existing levels – at least not at the consumer level (businesses may be different). Instead, we’d expect consumer demand to continue growing roughly aligned to current trends, but there’s admittedly no accounting for any unexpected developments that might crop up.

Back to the survey and half of all leaders admit they still lack confidence in delivering services at a viable cost, while 84% say customer expectations are already outpacing their networks (we’ve yet to see much hard evidence for that), and 81% concede their current architectures are nowhere near ready for the next wave of AI and streaming traffic.

Pravin S Bhandarkar, CEO and Founder of RtBrick, said:

“Senior leaders, engineers, and support staff inside operators have made their feelings clear: the bottleneck isn’t capacity, it’s decision-making. Disaggregated networks are no longer an experiment. They’re the foundation for the agility, scalability, and transparency operators need to thrive in an AI-driven, streaming-heavy future.”

The term disaggregated networks typically refers to a network architecture where hardware and software components are separated, which allows for more flexibility, scalability, and cost-effectiveness compared to traditional systems. This is not to be confused with software-defined networking, although they are related concepts that can work together.

Additional Survey Highlights

➤ 91% are willing to invest in disaggregation, and 95% plan to deploy within five years, with 90% saying it needs to happen faster than currently planned.

➤ Only one in fifty senior leaders has confirmed they’re “in deployment” with disaggregation today (quite a few of the biggest market players are doing this), while 49% remain stuck in early-stage “exploration”, and 38% are still “in planning”.

➤ Every leader surveyed claimed they’re “using” or “planning to use” AI in network operations, from planning and optimisation to fault resolution. But 93% say they cannot unlock AI’s full value without richer, real-time network data. Meanwhile, 50% say their infrastructure must become AI-ready, while 37% highlight the urgent need for stronger real-time analytics capabilities to realise AI’s true potential.

➤ When asked what they expect disaggregation to deliver, operators focused on outcomes that map directly to board-level priorities:

• 54% want more automation
• 54% want stronger supply chain resilience
• 51% want better energy efficiency
• 48% want lower CapEx and OpEx
• 33% want to break vendor lock-in

Transformation priorities align with those goals, with automation and agility (57%) ranked first, followed by vendor flexibility (55%), cost efficiency and sustainability (45%).

➤ 90% of operators are demanding that their traditional vendors provide disaggregated options within three years.

Naturally, RtBrick could be said to have a vested interest in the results of this survey (they sell some related solutions), which may well also be at risk of a selection bias. At the same time, it’s worth remembering that most networks go through big core upgrades every few years and will ultimately adapt to requirements, just as they’ve always done.

In the end we highly doubt that any UK providers will face a network “crush” and, indeed, the survey might have produced more reflective results by filtering out to focus more on the network engineers (instead of company bosses) and splitting the results by country (the USA, UK and Australia have quite a few differences).

Original article ISPreview UK:Read More

Digital banking company Monzo has revealed that they’ve begun to “explore” how they could launch their own mobile provider in the UK, which seems likely to echo the approach that rival banking and money management app Revolut recently began to take (here); although we’re still waiting for the latter to take their training wheels off.

“When we heard from our customers that mobile contracts can be a pain point, we set out to explore how we could do this the Monzo way,” said the banking company to the FT (paywall), before adding that they are now in the “early stages” of developing such a proposal.

The newspaper indicates that this would take the form of a digital SIM and offering monthly contracts, which we take to mean a eSIM-only proposition like Revolut’s approach. This would inevitably take the form of a Mobile Virtual Network Operator (MVNO) agreement, although it’s not yet known whether they’d be working with EE, O2 or VodafoneThree to deliver this.

The UK market currently seems to have no shortage of virtual mobile providers, which would normally make it difficult for new entrances to establish themselves. But Monzo, not unlike Revolut, would benefit from being able to promote this service to an already well-established customer base – possibly alongside some unique incentives.