This article was published on October 23, 2015

4m TalkTalk customers’ details may have been stolen in latest breach [Update: Ransom demanded]



UK phone and broadband provider TalkTalk said its site was the target of a “significant and sustained cyberattack” on Wednesday, and there’s a chance that all four million of its customers’ personal information, including credit card details, may have been accessed.

The company took down its sites yesterday and has been working to secure its systems and subsequently bring them back online. The Metropolitan Police Cyber Crime Unit is investigating the matter but hasn’t yet been able to ascertain just how many customers’ account details may have been compromised.

TalkTalk notes that not all of its data was encrypted, which means that the attackers could easily parse some of the user information — which includes names, physical and email addresses, birth dates, phone numbers and bank details.

As is the case with such incidents, customers are now at risk of becoming victims of identity fraud. To that end, TalkTalk is looking to organise a year’s free credit monitoring for all customers.

In February, TalkTalk suffered a breach in which customer details were stolen and used by scammers to secure additional information and to steal considerable sums of money as well.

Is TalkTalk squarely at fault for the breach? “Unfortunately, cyber crime is the crime of our generation. There were 625,000 cyber offences each month in the UK this summer,” said CEO Dido Harding in a public announcement on the BBC.

It’s true that attacks are on the rise and are becoming increasingly sophisticated. What’s worrying in this instance is that the hackers not only managed to gain entry into TalkTalk’s systems but were also able to access unencrypted private data.

It may be near impossible to ensure absolute immunity from attacks. But as a bare minimum, companies should be encrypting your data. How many more breaches is it going to take?

Update: The Guardian notes that TalkTalk has confirmed it received a demand from someone claiming to be responsible for the attack. A TalkTalk spokeswoman said: “We can confirm we were contacted by someone claiming to be responsible and seeking payment.”

Adrian Culley, a former detective at Scotland Yard’s cybercrime unit, said that Islamic militants could be behind the breach, as a group calling itself ‘TalkTalk Hackers’ claimed responsibility for the attack in the name of Allah. It published what it claimed was a sample of several email addresses and national security numbers as proof, on Pastebin.

Scotland Yard said: “There have been no arrests and inquiries are ongoing. We are aware of speculation regarding alleged perpetrators. This investigation remains at an early stage. A full assessment of the alleged data theft is ongoing.”

Website attack affecting our customers [TalkTalk Help]
