TalkTalk, one of the biggest broadband and cell phone providers in the UK, has suffered a “significant and sustained cyber-attack” that could have compromised the credit card and bank details of its 4 million customers.
The company’s CEO, Dido Harding, apologized to customers for what is the third cyber-attack the company has faced in the past 12 months. She also pointed out that the breaches were “completely unrelated.”
I know it feels like a very long time but at Wednesday lunchtime all we knew was that our website was running very slowly, that our email system was running slowly, and that is usually an indication that someone is trying to bombard your systems to get in. So we took the decision to bring down our systems right away, we then spent the next 24 hours trying to work out exactly how someone had got in and what data they had accessed. We don't know for certain yet exactly what data has been accessed, what customer information has been stolen, so we have taken the precaution, actually very quickly, to try and let all of our customers know, so that we can help them and they can help secure their own information.
TalkTalk is working with the Metropolitan Police’s cyber-crime unit to learn more about the breach. No arrests have yet been made but enquiries are continuing. The company said in a statement that there was a chance that customers' names and addresses, dates of birth, email addresses, telephone numbers, TalkTalk account information, and credit card/bank details may have been accessed. Not all of the data was encrypted.
The company has advised customers to keep an eye on their accounts over the next few months, and to contact their banks if they spot any suspicious activity. Harding told BBC News that the TalkTalk website is now secure and that TV, broadband, mobile and phone services had not been affected by the attack. She added that she had received an email demanding a ransom from a group purporting to be behind the cyber-attack.
Adrian Culley, a former detective at Scotland Yard’s cybercrime unit, said that the hack appeared to be the work of Islamic militants after a group claimed responsibility for the attack in the name of Allah. He told BBC Radio 4’s Today programme: “It appears at face value to be Islamic cyberterrorism.” Culley pointed out that a group calling themselves “TalkTalk Hackers” published what they claimed was a sample of dozens of email addresses and national security numbers on Pastebin as proof of the attack. The message said: “We will teach our children to use the web for Allah … your hands will be covered in blood … judgement day is soon.”
It’s thought that the breach was perpetrated using a DDoS attack followed by an SQL injection. If this is the case, many experts say TalkTalk should have had better security measures in place to defend against such an intrusion, especially in light of the previous attacks on the company.
Now seems TalkTalk attack was DDoS followed by SQL injection - one expert tells me it's "disappointing" they fell victim to this technique — Rory Cellan-Jones (@BBCRoryCJ) October 23, 2015
TalkTalk's third security breach of 2015 has damaged consumer confidence in the firm. The company’s share price dropped 10% in the wake of the news, wiping almost $460 million from its stock market value.