TalkTalk, a UK telecommunications company, is investigating a data breach that might have compromised the personal information of as many as four million customers.
On Friday, Tristia Harrison, Managing Director (Consumer) of TalkTalk, posted an update on the company’s website about the incident:
“We are very sorry to tell you that yesterday a criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyber attack on our website on Wednesday 21st October.”
Harrison goes on to note that the names, addresses, dates of birth and credit card/bank details of TalkTalk customers might have been exposed in the breach.
It is unclear at this time how many customers were affected by the incident but it could be as many as four million users.
As Harrison’s post notes, the Metropolitan Police Cyber Crime Unit has launched a criminal investigation into the breach to determine exactly how and why the attack transpired.
Although the investigation is still ongoing, some reports suggest that a group of radical Islamic militants have taken responsibility for the hack under the name “TalkTalk Hackers”. These reports state the attackers posted the email addresses of approximately one dozen compromised customers, along with this message:
“We Will Teach our Children To Use The Web For Allah.. Your Hands Will Be Covered In Blood.. Judgement Day Is Soon.”
Ex-Metropolitan Police cybercrime expert Adrian Culley is taking the threats of the “TalkTalk Hackers” very seriously.
“TalkTalk has millions of customers, but it is also part of the country’s critical national infrastructure,” Culley told The Independent. “This is a matter of national security.”
Other security experts are more skeptical and cite the jihadist claim of responsibility as a common tactic used by hackers in data breaches.
Since discovering the attack, TalkTalk has begun notifying customers about the incident. The company’s CEO Dido Harding even spoke with a BBC flagship company in order to warn about how attackers could leverage the breach to phish for further information about affected users:
“Unfortunately cybercrime is the crime of our generation. Can our defences be stronger? Absolutely. Can every company’s defences be stronger? I’m a customer myself of Talk Talk; I’ve been a victim of this attack.”
According to Richard De Vere, who is the Principal Consultant for the AntiSocial Engineer Ltd., TalkTalk has a record of being forthcoming when security issues have arisen. This includes some two weeks ago, when De Vere published a blog post explaining that a few TalkTalk customers were being targeted by social engineering attacks.
“I posted my article 14 days ago,” states De Vere in his post. “Two days after I published it, they [TalkTalk] pulled all ‘.net’ and ‘.com’ domains. I later found malware on their hosts 404 page, and they removed thousands of sites exactly like my article said to do.”
De Vere goes on to note that a researcher contacted him earlier this week and notified him of a second vulnerability with regard to the company. He informed TalkTalk’s executives about the issue, and the police are now investigating it.
It is recommended that TalkTalk users take advantage of the year’s worth of free credit monitoring services that will be offered to them as a result of this incident. They should also stay alert to phishing attacks that might seek to further compromise their information.
This is the third breach TalkTalk has suffered this year, following an incident that occurred in February, as well as a further hack in August.