Telecoms operator TalkTalk has been hit by what has been described by police as a “significant”, attack on its website, resulting in the potential leaking of banking and personal data for some or all of the company's four million customers around the UK. While police and online-crime divisions are investigating the attack, so far no arrests have been made and TalkTalk is still trying to come to terms with how bad the breach may have been.
In the mean time, TalkTalk has published a list of information that may have been accessed by those responsible. It's rather exhaustive, covering everything from names, addresses and dates of birth, right through to account information and credit and banking details. While the telecoms provider did state that some of the more high-risk personal data was encrypted, not all of it was.
As expected this has a lot of customers worried and it will likely see some move on to TalkTalk competitors even if it is too late to save their data. This outlook was reflected in the company share prices which dropped 10 per cent in the hours after the news broke (via BBC).
The latest news is that a ransom notice was sent to Talk Talk on behalf of a group claiming responsibility for the hack. Presumably it is demanding payment in return for not publishing customer information, though neither TalkTalk or the police have revealed much in the way of details.
We're working to restore My Account as quickly as possible. You don’t need to change your password until it is restored. More info to follow
— TalkTalk (@TalkTalk) October 23, 2015
For now TalkTalk is recommending all customers change their password on the TalkTalk site (when it's back up) and anywhere else they may have reused that same information.
KitGuru Says: I wonder if this is at all related to the DDOS ransom attacks we saw against several UK tech retailers in the past few days?
Do you want to know something really interesting that is worth paying your attention right now,a fabulous online opportunity to work for those people who want to use their free time so that they can make some extra money using their computers… I have been working on this for last two and half years and I am making 60-90 dollar/ hour … In the past week I have earned 13,70 dollars for almost 20 hours sitting ….
Degree ,Specific qualification or skills is not necessary for this, just keyboard typing and a good working and reliable internet connection ….
Boundations or time limitations to start work is not required … You may do this work at any time when you willing to do it ….
Do you want to know how I have been doing this?…..….see this {Iink} on my !|profile|!` to know how I am working` on this`
rdrdfZZ^A*7
“Not all of the sensitive data was encrypted” *facepalm*. They should be shut down, their assets liquidated and distributed amongst affected customers, their liabilities made the burden of their executives. There should be a strict hard line on failure to encrypt personnal details.
It is a shit one… But even as a talktalk customer I don’t blame them entirely… Saying they should have encrypted everything, while probably correct in hindsight. It’s just a pointless blame game. I was getting pretty severe drop outs in my connection over the time mentioned though, I wonder If it has anything to do with this.
What “hindsight”, there has been plenty of infamous data thefts in the past several years. There’s no excuse at this point not to know that you need to protect your clients personal info.