Cyber Incident
Answering your key questions
About our ongoing cyber incident
Last updated: 17:00 BST, 20th August, 2025
A cyber incident has affected our business support systems, which are separate from our customers' infrastructure. We took immediate proactive measures to ensure the safety of our customers, colleagues, and business, and we proactively notified the relevant authorities.
Through our extensive investigation, we have determined that some data has been taken. Our priority is to determine at pace the precise nature of the data that is impacted and notify any affected parties.
Our dedicated incident response team, including external investigators and forensic experts, is working to investigate this incident. This has, and will continue, 24/7.
We continue to work closely with law enforcement agencies as part of our investigation.
What has happened
We recently experienced a cyber incident on a business support system, which is separate to our customers' infrastructure. Upon detecting the incident, we immediately took steps to contain and investigate the issue.
We are now aware that the threat actor has accessed certain files that may contain data related to our customers. Our immediate priority is to determine the precise nature of the files and what information they contain.
How we responded
On identification of the incident, we took significant actions and protective measures in response to ensure the security of our customers, colleagues and business:
We would like to reassure you that this cyber incident is limited to our business support systems which are strictly separated from our customer infrastructure, ensuring that authentication systems are not shared between the two environments.
Service impact
As part of our response, we proactively took some systems offline – which has led to disruption to some of our Business Support Services.
As a result, customers may find the following services unavailable:
Colt Online customer portal
Number Hosting APIs
Colt On Demand (NaaS portal)
Ordering and delivery of new services
In addition, several of our customer-focused automated processes and systems have been taken offline as part of our response effort. As a result, it is taking us longer to respond and resolve to customer inquiries and requests.
Frequently asked questions
We first became aware of an issue on the morning of 12 August. As soon as it was clear that the issue was significant - at around 11AM - we mobilised our major incident response process. The dedicated response team have been mitigating the impacts of the incident as well as taking all possible steps to ensure the security of customers, partners and staff. As investigations have proceeded, we have gathered enough evidence to suggest the root cause of the issue was a cyber incident.
We have taken significant actions in response:
1. Full Incident Management Mobilisation:
We have immediately activated our incident management process, bringing together our most experienced personnel - including our Executive team - to coordinate the response and recovery efforts. As part of this we have established a dedicated incident response team operating 24/7.
2. Specialist Expertise:
We have engaged external investigators and forensic experts to conduct a thorough investigation and support our service restoration.
3. Precautionary System Shutdown:
As a precautionary measure, we have temporarily shut down several systems, applications, and network links.
4. Employee Communication and Guidance:
Detailed instructions and guidance have been provided to all employees to ensure they understand the situation and take appropriate action to safeguard our customers and business.
5. Enhanced Security Measures:
We have implemented a series of tactical and emergency containment measures. This includes actions related to detection capabilities, access controls, security visibility, and overall security controls.
6. Law Enforcement and Regulatory Notifications:
We have promptly notified law enforcement agencies, the National Cyber Security Centre (NCSC) in the UK and appropriate regulatory bodies to ensure appropriate legal and regulatory compliance and to leverage their expertise in the investigation and response.
We have isolated and temporarily closed down many of our business support systems to maintain customer security, some elements of service our unavailable. These include:
1. Colt Online
While this platform is offline we ask customers to raise issues with out team via phone or email.
2. Number Hosting API platform:
Our Number Hosting API platform is currently not available to any customers.
3. Colt On Demand & Voice On Demand
Both our On Demand (NaaS) & Voice On Demand portals are currently not available to any customers.
There are other impacts on our customers, primarily that we have temporarily suspended access to our quoting and ordering systems, so we cannot take new customer orders currently.
The delivery of new services, which have been already ordered will (in most cases) be rescheduled.
Our operations teams are still accepting phone calls and emails from customers. However please be aware that it will take us longer to respond and resolve than usual as many of our automated processes and systems have been taken temporarily offline.
We’re working around the clock to restore our systems. It’s too early to give an exact timeline at the moment, but we’ll provide regular updates to keep you informed.
A criminal group has accessed certain files from our systems that may contain information related to our customers and posted the document titles on the dark web.
We understand that this is concerning for you.
Customers are able to request a list of filenames posted on the dark web from the dedicated call centre.
Contacting us
Our account teams, customer success and operations teams remain available for our customers.
As we have taken many of our business support systems down to safeguard customer security and accelerate service restoration, our responses will take longer than they usually would. We are grateful for your patience as we resolve this issue.
We have set up a dedicated telephone line to help answer any questions you may have.
United Kingdom
Get in touch with us via the below options:
France
Get in touch with us via the below options:
Germany
Get in touch with us via the below options:
Italy
Get in touch with us via the below options:
Spain
Get in touch with us via the below options:
Japan / APAC
Get in touch with us via the below options:
United States
Get in touch with us via the below options:
We are working around the clock to resolve this issue and restore services. We advise our customers to check our Status page and to look out for further communications.
