GREEN BAY (WLUK) — Wednesday marked two weeks since an outage impacting Cellcom customers first began as the result of a cyber incident.
The company said in a post Tuesday that most customers should have regained full service again. But by and large, a lack of communication from Cellcom throughout the cyber incident has been customers’ biggest complaint.
However, there may be a legal reason behind that strategy.
May 14 marked the first day of the Cellcom outage, leaving many customers’ phones without service and the inability to make phone calls and send text messages. It took until May 20 for Cellcom CEO Brighid Riordan to speak publicly for the first time, announcing the cause of the outage.
“The cyber incident that we’re experiencing is segmented to the voice and texting part of your service… We were prepared for this, we were prepared for these incidents and we are rolling our protocol through this,” Riordan said.
Riordan said Cellcom reported the incident to the FBI.
“The more the company talks, the harder it’s gonna make it on the Bureau, and the bad guys are going to know,” said Jack Jupin, a retired FBI agent and president/CEO of Jupin International.
Jupin said cyber security is one of the biggest threats in the United States right now. When a cyber security incident like this happens to a company, they’re being directed by the FBI to keep quiet.
“Everybody says, ‘Well, I want more information about it.’ Well, they can’t give information about it because it’s an FBI investigation, so they can’t give any information out. The FBI won’t allow that,” Jupin said.
As a Cellcom customer, WLUK-TV FOX 11 received a letter Wednesday from Cellcom. This letter addressed the company’s lack of communication and attributed their silence to exactly what Jupin described.
The letter reads, in part:
This wasn’t a typical outage. It was the result of a cyber incident, which has been reported to federal authorities including the FBI, FCC, CISA as well as state and local officials. In that, we now stand alongside countless other critical infrastructure providers who have been disrupted and forced to confront the growing reality of sophisticated threats driven by forces beyond our control, intent on destabilizing the systems we all rely on. Unfortunately, cyberattacks like this are impacting companies across industries and across the country, no matter the size…
Our teams acted quickly, engaged global and national cybersecurity experts, a cyber incident response team and followed federal industry protocols. We immediately reached beyond our own walls to ensure we had the best resources working with us. We worked with urgency and care to restore service as securely and swiftly as possible. Because of their tireless work, we’re confident the impact was far less severe than it could have been.
Due to the nature of the incident and the ongoing investigation, we remain limited in the level of detail we can provide. We understand this is different than the transparency you’ve come to expect from us.
Jupin said the fact that Cellcom has said anything at all is impressive, considering most companies don’t go public with this kind of information.
When the FBI takes on a cyber investigation, they send out their Computer Analysis and Response Team (CART) to check all systems and look for any bit of evidence to lead them back to the perpetrator.
The issue? 99% of cybercriminals act from overseas, according to Jupin.
“Will we find out? Yeah, eventually we’ll find out who did it. Are you going to put somebody in jail over this? Probably not. But, they’re gonna stop the bleeding and you’re not gonna pay the ransom,” Jupin said.
Jupin warned if a ransom is paid, cyber criminals are more likely to attack again. Cyber incidents like these are becoming more common, with thousands happening each year. Not only because of the money, but also the convenience.
“If you’ve got the smart guy in the room, it’s easy and the repercussions are slim-to-none,” Jupin said.
Jupin said the investigation into Cellcom’s cyber incident could take months.
FOX 11 reached out to Cellcom for an interview Wednesday, but we were told they’re still not taking interviews at this time. FOX 11 also reached out to the FBI Milwaukee Division Wednesday for an interview, but they declined to comment.
Below is the full letter FOX 11 received Wednesday from Cellcom.
To Our Valued Business Partners,
First and foremost, thank you for your patience, your honesty and the trust you’ve placed in us, especially over these past few weeks.
We’re actively in outage recovery mode, working around the clock to fully restore service, rebuild trust and support our customers. As you may have experienced, voice and messaging services are performing well, with the exception of Wi-Fi calling, which remains part of our final stages of restoration. While we can’t undo the impact, we are working on ways to support our business customers, and you’ll hear more on that from us later this week.
We know this outage wasn’t just inconvenient, it disrupted your operations, strained your teams and shook confidence. We not only hear that – we are living it with you. Like you, we’re a local business, deeply connected to the communities we serve. The disruption is real, and we’re genuinely sorry for the hardship this caused.
This wasn’t a typical outage. It was the result of a cyber incident, which has been reported to federal authorities including the FBI, FCC, CISA as well as state and local officials. In that, we now stand alongside countless other critical infrastructure providers who have been disrupted and forced to confront the growing reality of sophisticated threats driven by forces beyond our control, intent on destabilizing the systems we all rely on. Unfortunately, cyberattacks like this are impacting companies across industries and across the country, no matter the size. What made us a target is the essential nature of the networks we operate and protect.
Our teams acted quickly, engaged global and national cybersecurity experts, a cyber incident response team and followed federal industry protocols. We immediately reached beyond our own walls to ensure we had the best resources working with us. We worked with urgency and care to restore service as securely and swiftly as possible. Because of their tireless work, we’re confident the impact was far less severe than it could have been.
Due to the nature of the incident and the ongoing investigation, we remain limited in the level of detail we can provide. We understand this is different than the transparency you’ve come to expect from us. A news article linked below might help provide some context around why communication was different this time.
That said, your expectations are valid. As a community-oriented business ourselves, we share many of the same values: putting people first, showing up when it matters most and finding strength together. In challenging moments like this, community matters more than ever. Cyber threats aim to divide and disrupt, but standing together, supporting one another and staying connected is how we push back and move forward.
We’re grateful to those who have stayed in dialogue with us, and we’re committed to earning your continued trust. We’re not just working to restore service, we’re working to restore relationships. And while that can’t happen overnight, we’re confident we’ll come through this stronger than before, with the same unwavering commitment to extraordinary service.
