The company also said customers’ personal information may have been stolen including names, addresses, dates of birth, email addresses, phone numbers, TalkTalk account information, and credit card or bank information.
Advertisement
“TalkTalk constantly updates its systems to make sure they are as secure as possible against the rapidly evolving threat of cybercrime, impacting an increasing number of individuals and organisations”, company CEO Dido Harding said.
She said: “I’m sorry to be so vague, but at this stage we’re not certain what information has been stolen”. In February, TalkTalk told customers that scammers were using data that had been stolen to trick customers into revealing their personal information.
The Institute of Directors, a British business lobby, said that while the biggest attacks gain most attention, companies face a constant threat from cyber security incidents.
If confirmed by a Metropolitan Police Cyber Crime Unit investigation, the breach would be one of the largest in United Kingdom history. Presumably it is demanding payment in return for not publishing customer information, though neither TalkTalk or the police have revealed much in the way of details.
The company reported a “major criminal cyber-attack” Thursday, claiming it could “potentially” affect all of its four million customers.
“Sky’s technology correspondent Tom Cheshire said a Distributed Denial of Service attack was probably part of the hack: “(It’s) when a network is flooded with requests which it can’t respond to in time, so it shuts down. TalkTalk warned customers to watch their bank accounts carefully for evidence of fraudulent activity, and it is offering a year of free credit monitoring. So we took the decision to bring down our systems right away, we then spent the next 24 hours trying to work out exactly how someone had got in and what data they had accessed.
Advertisement
A post appearing on Pastebin entitled “A Message from the TalkTalk hackers”, reads: “We Have Made Our Tracks Untraceable Through Onion Routing, Encrypted Chat Messages, Private Key Emails, Hacked Servers. We’re working with the police and cyber security experts to understand what happened and protect as best we can against similar attacks in future”.
