Cellcom Service Disruption Caused by Cyberattack

Wisconsin telecommunications provider Cellcom has confirmed that a cyberattack is responsible for a service outage it has been dealing with for the past week.

Both voice and text services have been down for the wireless carrier’s customers in Wisconsin and Upper Michigan, and the company has started to slowly restore some of them over the past couple of days.

“We experienced a cyber incident. While this is unfortunate, it’s not something we were unprepared for. We have protocols and plans in place for exactly this kind of situation,” Cellcom CEO Brighid Riordan said in a letter (PDF) to customers.

The carrier says it has notified the relevant authorities of the attack and has been working with external cybersecurity experts to investigate the incident and restore the impacted services.

Cellcom says that no customer data appears to have been stolen, as the attack impacted a network segment where no sensitive customer information is stored.

“We have no evidence that personal information related to you, your name, your addresses, your financial information, is impacted by this event,” the company said.

While some of the services have been restored, Cellcom said it may return to normal operations by the end of the week, but could not provide a specific estimate.

“We achieved a major milestone last night. We are building on that success and expect to have the rest of service restored this week. Every part of this recovery is being handled with care and precision — we will not rush anything that compromises safety, security, or trust,” the carrier said.

The company also said it would provide updates on both the restoration efforts and its investigation into the cause of the incident, but shared no details on the type of cyberattack it fell victim to.

The widespread outage, however, suggests that ransomware might have been involved. SecurityWeek has not seen any known ransomware groups claiming the attack.

Our attempts to contact Cellcom for a statement have been unsuccessful, as their public relations email address is configured to receive messages from addresses within the organization or allowed senders only.

Related: African Telecom Giant MTN Group Discloses Data Breach

Related: Korean Telco Giant SK Telecom Hacked

Related: New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest

Related: Chinese APT Weaver Ant Targeting Telecom Providers in Asia