Cyber criminals attack conglomerate

The Massy Group says that on two occasions earlier this year, cyber criminals attacked the company’s systems. However, the regional company says its teams are working vigorously to ensure its data is secure from future attacks.

The revelation was outlined in the conglomerate’s 2022 annual report, as the Trinidad and Tobago-headquartered group of companies addressed matters of corporate risk.

Massy employs 13 000 workers in 60 companies across the Caribbean and Latin America. Its lines of business include integrated retail, gas products, motors, financial services and real estate. The bulk of its profits are derived from Trinidad and Tobago at 43 per cent, followed by Barbados and the Eastern Caribbean at 22 per cent, Guyana at 22 per cent and Colombia and Jamaica contributing six per cent each to the group’s bottomline.

According to the regional company: “Massy had begun to take steps to tighten its IT security controls when in April 2022, the Group was the victim of cyber-attacks which targeted the Integrated Retail Portfolio in Trinidad.

“While this attack was a blow to our IT professionals who had already started to improve their security controls, the business continuity and financial impact could have been worse if the business and IT teams had not been working on security improvements. Notwithstanding, the attack did have a financial impact from the temporary interruption of business.”

The company disclosed it was again hit by cyber-criminals, though it did not specify which section of its business was impacted in the second attack.

“The impact of these attacks has been mainly operational and reputational damage. Massy takes the privacy of its data seriously and we understand that we must work hard to earn and maintain the confidence of our customers, employees, suppliers, and other stakeholders to protect their data as well,” the report stated.

Through its enterprise risk management framework, Massy said it has a formal process for monitoring risks facing the group and mitigating those challenges.

Reflecting on the increasing number of cyber-attacks impacting the public and private sectors, Massy pointed out: “While this risk is always present, the increasing number of attacks globally and in the region meant that the likelihood of being attacked by threat attackers was increasing.”

It added that the company was still a “learning organisation” and over the last year, it improved its understanding of cyber security risks and is quickly fortifying its cyber-environment to be more resilient.

“We know that this is an ongoing process of assessing our vulnerabilities and taking steps to ensure that there is a robust governance, risk and control framework in operation to defend against future threats,” the group added. (IMC1)