BT Group
Company Details
Linkedin ID:
bt
Website:
Employees number:
72,954
Number of followers:
837,532
NAICS:
517
Industry Type:
Homepage:
bt.com
IP Addresses:
183
Company ID:
BT _1397370
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
BT Group Vendor Cyber Rating & Cyber Score
bt.comWe’re one of the world’s leading communications services companies. At BT Group, the solutions we sell are integral to modern life. Our purpose is as simple as it is ambitious: we connect for good. There are no limits to what people can do when they connect. And as technology changes our world, connections are becoming even more important to everyday life. Today, that’s truer than ever. The connections we make are helping solve the world’s biggest challenges such as the global pandemic, climate change and cyber security. Through the power of technology, we’re supporting customers to live, work and play together better.
BT Group A.I CyberSecurity Scoring
BT Group Risk Score (AI oriented)Between 700 and 749
BT Group
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
BT Group Global Score (TPRM)XXXX
BT Group
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
BT Group Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
Westermo IrelandBT OpenReach and Virtual Access: ATM flashes a port or two for the enterprising hacker
Vulnerability
Rankiteo Explanation
Attack limited on finance or reputation
Description: Exposed ATM Router Raises Man-in-the-Middle Attack Risks A recent discovery highlights a critical hardware security oversight in an ATM installation, where a business-grade router was left exposed to potential tampering. Spotted by a *Register* reader, the device a GW6650V series router from Virtual Access was mounted atop an ATM, with cables visibly connected to a BT OpenReach socket and an Ethernet port. While the router itself is designed for financial applications, featuring dual SIM slots for redundancy and advanced security, its physical placement poses significant risks. The exposed ports and cabling create an ideal target for man-in-the-middle attacks, where attackers could intercept or manipulate transactions. Beyond cyber threats, the setup is vulnerable to physical tampering, including vandalism or accidental disruptions from the public. The incident underscores how even secure hardware can be compromised by poor installation practices, particularly in high-risk environments like ATMs. No outdated software was at fault this was purely a hardware deployment failure. The location remains undisclosed to prevent exploitation, but the case serves as a stark reminder of the importance of secure physical infrastructure in financial systems.
BT Group
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: BT Group experienced a ransomware attack from the Black Basta group, leading to the shutdown of some of its servers. This cyberattack put sensitive data at risk, with the group claiming to have stolen 500GB encompassing financial data, organizational records, user and personal documents, NDAs, and confidential information. Although live BT Conferencing services remained operational and other customer services were unaffected, the incident raises concerns about potential data breaches and the overall cybersecurity posture of the company. Screenshots of the compromised data, including passports, were published as proof of the attack.
EE
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: A vital code system with a default password has been left exposed online by the EE operator, the biggest cellular network operator in the UK, which serves almost 30 million users. According to reports, EE, the massive British mobile network, left a crucial code repository on an open-source tool that is password-protected by default. Malicious hackers can use this to examine the source code and find weaknesses in it. An attacker might use the keys' accessibility to examine the employee payment systems' code and find weaknesses that they could use for malevolent intent.
BT Group Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for BT Group
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for BT Group in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for BT Group in 2026.
Incident Types BT Group vs Telecommunications Industry Avg (This Year)
No incidents recorded for BT Group in 2026.
Incident History — BT Group (X = Date, Y = Severity)
BT Group cyber incidents detection timeline including parent company and subsidiaries
BT Group Company Subsidiaries
We’re one of the world’s leading communications services companies. At BT Group, the solutions we sell are integral to modern life. Our purpose is as simple as it is ambitious: we connect for good. There are no limits to what people can do when they connect. And as technology changes our world, connections are becoming even more important to everyday life. Today, that’s truer than ever. The connections we make are helping solve the world’s biggest challenges such as the global pandemic, climate change and cyber security. Through the power of technology, we’re supporting customers to live, work and play together better.
Loading...
BT Group Similar Companies
Vodafone Idea Limited is an Aditya Birla Group and Vodafone Group partnership. It is India’s leading telecom service provider. The Company provides pan India Voice and Data services across 2G, 3G and 4G platform. With the large spectrum portfolio to support the growing demand for data and voice, the
Deutsche Telekom
Welcome to Deutsche Telekom. As one of the world's most valuable brands, we design innovative solutions and products in the areas of connectivity, networks, digitalization and security. #connectingyourworld At Deutsche Telekom, we believe that each and every one of us has the power to move society
vivo
vivo is a technology company that creates great products based on a design-driven value, with smart devices and intelligent services as its core. The company aims to build a bridge between humans and the digital world. Through unique creativity, vivo provides users with an increasingly convenient mo
Vivo (Telefônica Brasil)
Vivo (Telefônica Brasil) is part of the Telefónica Group and with more than 94 million customers, of which 75 million mobile and 19 million fixed, we are the largest telecommunications company in Brazil, with nationwide presence and a complete, convergent portfolio of products, combining fixed, mobi
Telcel
Telcel (Radiomóvil Dipsa) es subsidiaria de América Móvil, uno de los mayores proveedores de comunicaciones celulares de Latinoamérica, grupo líder con inversiones en telecomunicaciones en varios países del continente americano. Telcel es la empresa de telefonía celular líder en México. Nuestra s
We are driving the digital transition of Italy and Brazil with innovative technologies and services because we want to contribute to accelerating the sustainable growth of the economy and society by bringing value and prosperity to people, companies and institutions. We offer diversified solutions
e& Egypt
Building on 17 years of technology excellence in the Egyptian market, and in our relentless quest to bring you more and better services, etisalat by e& in Egypt has now evolved into the digital telco of the future. Covering and serving 99% of the inhabited areas in Egypt, our mission as etisalat b
A1 Telekom Austria Group
WE ARE EMPOWERING DIGITAL LIFE We don't know what the world will look like in 2050, but we know that A1 Telekom Austria Group is geared up for current and future demands. We are a leading provider of digital services and communications solutions in Central and Eastern Europe, offering a state-of-t
About Motorola Solutions | Solving for safer Safety and security are at the heart of everything we do at Motorola Solutions. We build and connect technologies to help protect people, property and places. Our solutions foster the collaboration that’s critical for safer communities, safer schools, sa
.png)
BT Group CyberSecurity News
March 24, 2026 07:59 PM
BT signs £200m connectivity contract with Northern Ireland Electricity Networks
BT will also provide cybersecurity and IT services to NIE Networks.
March 24, 2026 12:25 PM
BT urges customers to complete 'quick' check this month in new alert
BT customers have been urged to take steps to 'prevent big risks tomorrow'. Issuing an alert for social media users, BT encouraged customers...
March 24, 2026 10:27 AM
BT announces £200 million deal with Northern Ireland Electricity Networks
Network provider to deliver enhanced connectivity, cybersecurity and IT to support critical services for homes and businesses across the...
March 24, 2026 09:52 AM
New BT alert as customers told to take action to 'prevent big risks tomorrow'
BT customers have been advised to take action to 'prevent big risks tomorrow'. Sharing a warning for social media users, BT urged customers...
February 09, 2026 08:00 AM
BT opens 2026 tech careers at flagship Salford hub
BT opens 2026 tech graduate and apprentice roles at its flagship Salford hub, backing Greater Manchester's cyber and AI ambitions.
February 09, 2026 08:00 AM
Shortlist: Most Inspiring Women in Cyber Awards 2026
We're pleased to announce the shortlist for this year's Most Inspiring Women in Cyber Awards! This year's awards are sponsored by BT,...
January 15, 2026 08:00 AM
Sitehop bolsters team with key appointments - scaling up following successful BT trial
Sheffield-based cybersecurity company Sitehop has made a senior appointment as it seeks to scale up following a successful trial with BT.
January 12, 2026 08:00 AM
22nd Century Technologies acquires BT Federal to expand federal network services
22nd Century Technologies' acquisition of BT Federal marks a major expansion in secure federal networking and government IT modernization.
January 11, 2026 08:00 AM
BT Group plc: Can Britain’s Legacy Telecom Giant Reinvent Itself for the Fiber and 5G Era?
BT Group plc is racing to transform from an old-guard telco into a digital infrastructure platform, betting on full-fiber, 5G and enterprise...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
BT Group CyberSecurity History Information
Official Website of BT Group
The official website of BT Group is https://www.bt.com/about.
BT Group’s AI-Generated Cybersecurity Score
According to Rankiteo, BT Group’s AI-generated cybersecurity score is 747, reflecting their Moderate security posture.
How many security badges does BT Group’ have ?
According to Rankiteo, BT Group currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has BT Group been affected by any supply chain cyber incidents ?
According to Rankiteo, BT Group has been affected by a supply chain cyber incident involving Westermo Ireland, with the incident ID VIROPE1769597077.
Does BT Group have SOC 2 Type 1 certification ?
According to Rankiteo, BT Group is not certified under SOC 2 Type 1.
Does BT Group have SOC 2 Type 2 certification ?
According to Rankiteo, BT Group does not hold a SOC 2 Type 2 certification.
Does BT Group comply with GDPR ?
According to Rankiteo, BT Group is not listed as GDPR compliant.
Does BT Group have PCI DSS certification ?
According to Rankiteo, BT Group does not currently maintain PCI DSS compliance.
Does BT Group comply with HIPAA ?
According to Rankiteo, BT Group is not compliant with HIPAA regulations.
Does BT Group have ISO 27001 certification ?
According to Rankiteo,BT Group is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of BT Group
BT Group operates primarily in the Telecommunications industry.
Number of Employees at BT Group
BT Group employs approximately 72,954 people worldwide.
Subsidiaries Owned by BT Group
BT Group presently has no subsidiaries across any sectors.
BT Group’s LinkedIn Followers
BT Group’s official LinkedIn profile has approximately 837,532 followers.
NAICS Classification of BT Group
BT Group is classified under the NAICS code 517, which corresponds to Telecommunications.
BT Group’s Presence on Crunchbase
No, BT Group does not have a profile on Crunchbase.
BT Group’s Presence on LinkedIn
Yes, BT Group maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/bt.
Cybersecurity Incidents Involving BT Group
As of April 02, 2026, Rankiteo reports that BT Group has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
BT Group has an estimated 10,042 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at BT Group ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Vulnerability and Ransomware.
Incident Details
Can you provide details on each incident ?
Title: EE Operator Code Repository Exposure
Description: A vital code system with a default password has been left exposed online by the EE operator, the biggest cellular network operator in the UK, which serves almost 30 million users.
Type: Data Exposure
Attack Vector: Exposed Default Password
Vulnerability Exploited: Default Password on Code Repository
Threat Actor: Unknown
Motivation: Unintentional Exposure
Title: BT Group Ransomware Attack
Description: BT Group experienced a ransomware attack from the Black Basta group, leading to the shutdown of some of its servers. This cyberattack put sensitive data at risk, with the group claiming to have stolen 500GB encompassing financial data, organizational records, user and personal documents, NDAs, and confidential information. Although live BT Conferencing services remained operational and other customer services were unaffected, the incident raises concerns about potential data breaches and the overall cybersecurity posture of the company. Screenshots of the compromised data, including passports, were published as proof of the attack.
Type: Ransomware
Threat Actor: Black Basta group
Title: Exposed ATM Router Raises Man-in-the-Middle Attack Risks
Description: A recent discovery highlights a critical hardware security oversight in an ATM installation, where a business-grade router was left exposed to potential tampering. The device, a GW6650V series router from Virtual Access, was mounted atop an ATM with cables visibly connected to a BT OpenReach socket and an Ethernet port. This exposed setup poses significant risks for man-in-the-middle attacks and physical tampering.
Type: Hardware Security Oversight
Attack Vector: Physical TamperingMan-in-the-Middle Attack
Vulnerability Exploited: Poor physical installation of hardware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Exposure EE410251223
Data Compromised: Source code, Employee payment systems code
Systems Affected: Code Repository
Incident : Ransomware BT000120524
Data Compromised: Financial data, Organizational records, User and personal documents, Ndas, Confidential information
Incident : Hardware Security Oversight VIROPE1769597077
Systems Affected: ATM network infrastructure
Operational Impact: Potential transaction interception or manipulation
Brand Reputation Impact: Potential reputational damage due to security oversight
Identity Theft Risk: Potential risk if transactions are intercepted
Payment Information Risk: High risk of payment data interception
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Source Code, Employee Payment Systems Code, , Financial Data, Organizational Records, User And Personal Documents, Ndas, Confidential Information and .
Which entities were affected by each incident ?
Incident : Data Exposure EE410251223
Entity Name: EE Operator
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: UK
Customers Affected: Almost 30 million users
Incident : Hardware Security Oversight VIROPE1769597077
Entity Type: Financial Institution
Industry: Banking/Finance
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Exposure EE410251223
Type of Data Compromised: Source code, Employee payment systems code
Incident : Ransomware BT000120524
Type of Data Compromised: Financial data, Organizational records, User and personal documents, Ndas, Confidential information
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware BT000120524
Data Exfiltration: True
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Hardware Security Oversight VIROPE1769597077
Lessons Learned: The incident underscores the importance of secure physical infrastructure in financial systems, even when using secure hardware.
What recommendations were made to prevent future incidents ?
Incident : Hardware Security Oversight VIROPE1769597077
Recommendations: Ensure proper physical installation of hardware in high-risk environments like ATMs to prevent tampering and interception risks.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are The incident underscores the importance of secure physical infrastructure in financial systems, even when using secure hardware.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Ensure proper physical installation of hardware in high-risk environments like ATMs to prevent tampering and interception risks..
References
Where can I find more information about each incident ?
Incident : Hardware Security Oversight VIROPE1769597077
Source: The Register
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: The Register.
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Hardware Security Oversight VIROPE1769597077
Root Causes: Poor physical installation of hardware in a high-risk environment
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Unknown and Black Basta group.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Source Code, Employee Payment Systems Code, , financial data, organizational records, user and personal documents, NDAs, confidential information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Code Repository and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were financial data, organizational records, confidential information, user and personal documents, NDAs, Source Code and Employee Payment Systems Code.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was The incident underscores the importance of secure physical infrastructure in financial systems, even when using secure hardware.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Ensure proper physical installation of hardware in high-risk environments like ATMs to prevent tampering and interception risks..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is The Register.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=bt' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
