ebuyer daily deals 40% off

What was Stolen in the TalkTalk Hack?TalkTalk_title

It’s been a week since the tech world was rocked by news that major internet service provider TalkTalk was the victim of a significant cyberattack. Since then, the company has been more than a little sheepish when pushed on the specifics of the damage caused.

TalkTalk have now decided to live up to their name and discuss figures. Having done so, the story is now wrestling for the headlines with news of another attack on a significant tech corporation.

 

Lifting the Lid

Given the natures of TalkTalk’s latest press release, it seems likely that they are still largely unaware of exactly what was stolen and how the attackers gained access to it. However, TalkTalk have claimed that the extent of the damage is “significantly less than originally suspected”. Amongst the accessed data is:

  • less than 1.2 million customer email addresses, name and phone numbers
  • less than 28,000 obscured credit and debit card details
  • less than 21,000 bank account numbers and sort codes
  • less than 15,000 customer dates of birth

TalkTalk’s rhetoric and persistent us of “less than” during the released figures is attempting to extinguish the severity of the situation. Given that the credit and debit card details are all missing the six middle digits means that whoever now has their hands on them won’t be able to make any purchases using those stolen details. In the short term then, the biggest danger to those affected will be via the 1.2 million basic customer details, who should be on guard for any potential scams via phone or emails addresses. TalkTalk have also offered out 12 months of free credit monitoring alerts with Noddle (using the code TT231).

hack_image

Elsewhere, the investigation into who carried out the attack continues. Last week, a 16-year-old boy from London and a 15-year-old boy from Northern Ireland were arrested on suspicion of Computer Misuse Act offences. Both have since been released on bail, however a third suspect has now been arrested in regards to the attack. The suspect, a 20-year-old man from Staffordshire, has also been held over offences relating to the Computer Misuse act.

Whilst this attack represents the third breach of TalkTalk’s systems in the last year, they aren’t the only tech-related company currently under the cybercrime microscope. Major mobile network provider Vodafone have also been the victim of an attack, although it seems considerably less severe than the events currently unfolding at TalkTalk.

The company have announced that between midnight on the 28th of October and midday on the 29th, an attempt was made by an unauthorised source to access customer details. Vodafone have insisted their systems were not breached, and the attackers used externally sourced email addresses and passwords as the source of their attack. As a result, only 1,827 customers had their accounts accessed, with their names and some bank accounts potentially at risk. The owners of each account have been notified by Vodafone, and they insist there is no need for alarm from any of their other customers.

 

Guarding against Further Damage 

So, how should you be guarding against any further damage should you be a customer of TalkTalk, Vodafone or any other company that handles your personal data? Well, anyone who now has their hands on your bank account details is not in a position to clear out the contents, but you should be monitor the outgoings of your bank a little closer in the short-term just in case.

Any further attempt at gaining information from you will likely come from a phishing attack. Using the email addresses or phone numbers gathered, phishing attacks will be fraudulent emails or phone calls coaxing unsuspecting people into handing over information. Be extra vigilant if asked to hand over passwords and bank details.

 

password-safe-title

Title Image- TalkTalk Group

6 COMMENTS

  1. Wait, seriously? “Be extra vigilant when handing over passwords and bank details.” No. NO! You NEVER hand over a password. EVER. Under no circumstances. What WAS the author thinking?

  2. It seems that the main problem this is causing is telephone and email vishing and phishing scams. The vishing, (voice phishing) is being reduced by telephone connections ending if one, not both parties to the call put their telephone instruments down. However there is more the authorities could do.

    1. make it impossible for anyone to withhold their number when making telephone calls.
    2. give overseas telecom companies a time limit before they must make the sending number available internationally.
    3. repeal data protection legislation that prevents police from tracing bank transfers.

    Once anonymity has gone from telephone calls and bank transfers, this sort of crime should be very rare.

  3. I keep getting phishing voice calls from 0011390584680 who do I report this to. Coincidentally (or is it) my code is 0113 so the first time I answered the call thinking it was someone local! The caller then asked if I was at my computer and said that they had reports from Symantec that my Norton Internet Security had sent an error report to the effect that my computer had been breached and that they would fix it. It became obvious that it was a phishing attempt and I said I would ring them back and stopped the call. Several times the attempt to call me was made but as I recognized the number I let it go to the answering machine – no message was left. Several days later I saw the number 0113 and answered it was the same guy but this time he said that my Windows 10 had problems updating and have reported etc etc. The full number is 0011390584680. I have reported this number to Symantec and told the Fraud Office of the occurrence. This is just to inform others of this voice phising scam.

  4. @stevek snap i cant belive it thought it was a joke at first im sure its a mistake then again judging by previous articles on here its proberly true ignorance is bliss! !!!

  5. @stevek @trigga
    .
    Clumsy wording at best I admit. Obviously I wasn’t advocating you hand over any personal details over phone or email. Amended all the same.

LEAVE A REPLY

Please enter your comment!
Please enter your name here