Internet service provider TalkTalk has admitted that it suffered a major breach of user information, including customer names, addresses, phone and account numbers.
As reported by The Register, TalkTalk said in an email to customers that it first saw a big increase in malicious scammers claiming to be from TalkTalk at the end of last year. Following an investigation, it said some customer information could have been illegally accessed, with scammers quoting these details to customers.
TalkTalk offered advice on scam calls, saying it knows that some customers are currently being targeted by criminal scammers who claim to be from TalkTalk and have obtained their account and phone number. It also confirmed that no financial data was at risk, as it is encrypted on its systems.
It said: “We have reported the matter to the Information Commissioner’s Office and we’re liaising with them and other official bodies, because unfortunately it is not only our customers who are being targeted by scammers.
“We take our customers’ security incredibly seriously, so this is being dealt with at the highest level within TalkTalk and we have put every possible measure in place to try and stop this from happening again.”
Andrew Avanessian, EVP of consultancy and technology services at Avecto, said: “This is yet another reminder that a business is only as secure as the weakest link in its supply chain. It is a matter of access in this case. There are still too many businesses giving third parties unnecessary access to their corporate systems, and determined attackers will use these suppliers to gain an initial foothold in the target system.”
The Information Commissioner’s Office confirmed in a tweet that it is “aware of a possible data breach involving TalkTalk and are making enquiries into the circumstances”.
Ross Brewer, vice president and managing director for international markets at LogRhythm, said: “We see it time and time again – if an attacker wants to get in, they will. This TalkTalk breach highlights not just the importance of organisations ensuring their own security policies are up to scratch, but also that of their third parties.”
Brewer praised TalkTalk for its speed in reacting to the situation by investigating when unusual events were reported, and then quickly informing customers of the situation. “Most organisations currently operate in a mode where the time it takes to detect and respond to threats is months – or weeks at best. In order to ensure that damage is limited, and to avoid becoming the next breaking news headline, businesses should aim to reduce this time to hours or minutes,” he said.