Cyber criminals are phishing for customers’ sensitive information following a data breach at TalkTalk, a UK Internet service provider.
In an email sent to its four million customers, TalkTalk confirmed that “in a small number of cases,” scammers might have compromised customers’ information.
“We have now become aware that some limited, non-sensitive information about some customers could have been illegally accessed in violation of our security procedures.”
The ISP added: “We want to reassure customers that no sensitive information, such as bank account details, has been illegally accessed, and TalkTalk Business customers are not affected.”
TalkTalk’s confirmation follows an investigation it initiated after a large number of customers began submitting complaints of having received calls from individuals purporting to be TalkTalk representatives.
According to these customers’ reports, the scammers attempted to leverage customers’ “non-sensitive” information, such as addresses and account numbers, in order to phish for other sources of customers’ personal information, including bank details.
TalkTalk first began its investigation back in December, reports The Guardian, with customer reports of scammer attacks dating back to October of last year, as TalkTalk’s online community forums reveal.
However, according to the BBC, one TalkTalk customer stated that scammers operating in a similar fashion to the ones described in the company’s investigation contacted him back in August of 2014.
The ISP has confirmed that it is currently in communication with the Information Commissioner’s Office (ICO), an independent authority based in the UK whose mission is to protect and uphold the public’s “information rights.”
The ICO released the following statement regarding the data breach at TalkTalk: “We are aware of a possible data breach involving TalkTalk and are making enquiries into the circumstances.”
For more information about the breach, including a hotline number for customers who think they might have been targeted by scammers, please click here.