It advised customers to be on guard against scam emails and phone calls and said the stolen information on its own could not lead to financial loss. Of these customers, 15,656 bank account numbers and sort codes were accessed, it said.
Advertisement
The attack has seriously affected the reputation of TalkTalk and its shares dropped to nearly a third of their value after news of the breach went public.
“This Committee is concerned with the attacks on TalkTalk specifically as a telecoms and internet service provider, but with the recent move of the Information Commissioner’s Office to DCMS, we will also be looking more widely at the security of personal information online”.
Although the decision was taken to tell all TalkTalk customers of the security breach, the company says that only 4% of its customers have any sensitive personal data at risk.
Hackers acquired the credit and debit card numbers of 28,000 customers, but the company said these could not be used for transactions as they were “orphaned”, meaning the cardholders cannot be identified from the details which were stolen.
Following investigations by TalkTalk and the Metropolitan Police after the attack on 21 October 2015, the group confirmed that 156,959 customers’ personal details were accessed. “We believe we had a responsibility to warn customers ahead of having the clarity we are finally able to give today”. Police have arrested four people in connection with the hack; a 15 year-old boy in Northern Ireland, a 16-year-old boy from west London, a 20-year-old man in Staffordshire, and a boy of 16 in Norwich.
Advertisement
Those who have had financial information accessed have all been contacted, and the firm is in the process of getting in touch with all of its other customers who have been affected.
