LONDON, Oct 23, (Agencies): The personal data of millions of Britons could be at risk after telephone and broadband provider TalkTalk was hit by a “significant and sustained” cyberattack, the company said Friday. TalkTalk said information including customer names, addresses and bank details could have been compromised, and that it had informed London’s Metropolitan Police Cyber Crime Unit. “There is a risk that all of our customers’ personal data has been accessed,” chief executive Dido Harding told the BBC. In a statement on its website, the company said that “not all of the data was encrypted”. Harding said the company had also been contacted by someone purporting to be the hacker who was “looking for money”. She said she was not sure whether it was an individual or a group making the demand.
Police had no information on those behind the attack, but said they were “aware of speculation regarding alleged perpetrators”. The company has some four million broadband subscribers, and has offered customers free credit monitoring over the next year to spot unusual bank transactions. TalkTalk shares plunged at the start of trading on Friday but recovered in the afternoon and were down 2.05 percent at 263 pence on the London Stock Exchange. Jens Monrad, a Copenhagen-based security expert for US cyber defence firm FireEye, also told Reuters that samples of financial data which appeared to come from TalkTalk customers had been spotted for sale in cybercriminal forums on the so-called dark Web.
A TalkTalk spokeswoman declined to comment, citing the ongoing police investigation. The attack is potentially one of the largest and most damaging to hit a British company, and follows dozens of high-profile cases targeting retailers and banks in North America. The details of millions of customers of infidelity website Ashley Madison were leaked in August after a massive cyber assault, while Sony Corp’s studios were hit last year. TalkTalk said late on Thursday there was a chance names, addresses, dates of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details had been accessed. “Potentially this could affect all of our customers. I don’t know for certain, which is why we are taking the precaution of reaching out to everyone,” Harding told the BBC.
The attack is the third data breach to hit TalkTalk this year, and experts said it would damage the reputation of the company, which competes with bigger rivals BT, Virgin Media and Sky in the broadband market. “Their brand will be damaged and their customers will say it is the final straw,” said computer security expert Graham Cluley. Shares in TalkTalk, which had fallen 7 percent since the group’s websites went down on Wednesday, fell as much as 8.5 percent on Friday to a two-year low of 238 pence. Some customers took to Twitter to vent their anger. “I see TalkTalk has been hacked again, seriously need to go to another provider, especially as I find out via BBC and not TalkTalk,” said Cardiff-based user Lan.
Monrad said hackers seeking to exploit the value of stolen customer data often publish small samples of stolen data in order to attract buyers in the underworld who will in turn try and exploit customer details for financial gain. “Our field intelligence operation has found what appears to be a direct dump of various database information from TalkTalk,” he told Reuters in an interview. He said the samples FireEye has collected contain specific bank account and credit card information from what appears to be TalkTalk customers.
A TalkTalk spokesman said the company was trying to determine whether key customer financial details and passwords were protected by encryption in the company’s databases. “We are still investigating the extent of information accessed and exactly what customer data may have been compromised,” the spokesman said. The Metropolitan Police said its cyber crime unit was investigating an alleged data theft from a telecommunications website, without giving details. Personal data including names, addresses and phone numbers were stolen from TalkTalk at the start of the year, and in August servers owned by Carphone Warehouse, the retailer which founded TalkTalk, were attacked, potentially affecting 480,000 TalkTalk mobile customers.