Talk Talk have announced that they were affected by a security breach yesterday (21st October).
In a message on their website they state that the Metropolitan Police Cyber Crime Unit have launched a criminal investigation due to a “significant and sustained cyberattack” targeting their website.
“The investigation is ongoing, but unfortunately there is a chance that some of the following data may have been accessed:
- Names
- Addresss
- Dates of birth
- Email addresses
- Telephone numbers
- TalkTalk account information
- Credit card details and/or bank details
More information is available on their website including a comprehensive FAQ section to help and reassure their customers.
Numbers of affected accounts are not known at this stage, but if you are a TalkTalk customer you may be in for a bumpy ride. Their advice is:
- Keep an eye on your accounts over the next few months. If you see anything unusual, please contact your bank and Action Fraud as soon as possible. Action Fraud is the UK’s national fraud and internet crime reporting centre, and they can be reached on 0300 123 2040 or via www.actionfraud.police.uk
- If you are contacted by anyone asking you for personal data or passwords (such as for your bank account), please take all steps to check the true identity of the organisation.
- Check your credit report with the three main credit agencies: Call Credit, Experian and Equifax
Important notice
Please be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so.
TalkTalk will also NEVER
- Ask for your bank details to process a refund. If you are ever due a refund from us, we would only be able to process this if your bank details are already registered on our systems.
- Call you and ask you to download software onto your computer, unless you have previously contacted TalkTalk, discussed and agreed a call back for this to take place.
- Send you emails asking you to provide your full password. We will only ever ask for two digits from it to protect your security.
TalkTalk have said that they are contacting all affected customers to inform them of the situation as well as keep them informed. They have not said what form the attack took but say that the website is now secure, and they have taken steps to inform major banks so that they can monitor customer accounts.
Our view: It seems an increasing challenge for all online businesses that they have to factor in the possibility of being a target of cybercrime, and with Aria, Scan and Overclockers all being targeted in the last week this should be at the forefront of all IT department heads, as well as staff in general to reduce the risks.
Whatever the cause, TalkTalk are obviously taking this event seriously and that’s a good thing but something needs to change – inventing new tech or new software, whatever it takes – to try to reduce the impact of this type of crime.
Full information about this is available at http://help2.talktalk.co.uk/oct22incident.