TalkTalk Telecom Group plc is a United Kingdom company founded in 2003, which provides pay television, communications, internet access and mobile network services to its customers.
As the second quadruple play service company in the UK after Virgin media, one would expect, as its customers did too, that data protection would be pretty high on their list. And its CEO Dido Harding claims this to be true, declaring to BBC that: “We take any threat to the security of our customers’ data extremely seriously”.
Too bad this declaration doesn’t come as part of positive publicity campaign, but due to the inquiries currently being made about the hack and subsequent major data loss that the company suffered sometime last week, with them acknowledging in a statement, on the 22nd of October that: “[The] investigation is ongoing, but unfortunately, there is a chance that some of the following data has been compromised: names, addresses, date of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details.” They have also confirmed that they have been contacted by someone claiming to be the hacker.
Now the story continues with new information, as over the weekend it was reported that this security breach may cost the company millions and also, that the number of cases of data loss that are currently under investigation number in the thousands. Important note: we are talking here about thousands of cases in which customers reportedly lost not just their data security but also actual money to the hackers.
Reuters has reported a confirmation of the situation from Jens Monrad, a security expert (at FireEye) who said that samples of what looked to be part of the financial data stolen from TalkTalk were available online.
The opinions regarding TalkTalk’s dilligence in protecting its customers’ data differ with some claiming that the company had suffered multiple cyber-attacks over the last 10 months and disregarded the security vulnerabilities (as reported by the Telegraph), while others put forward the scenario that this latest, admitted breach and its huge scope is in fact the work of an Islamist terror group. This later explanation comes from a former Scotland Yard cyber-crime unit detective, Adrian Culley, that told it to the BBC, without however, presenting any evidence.
TalkTalk themselves are not discussing the source of the attack, preferring for now to invoke the ongoing police investigation as the reason. But whatever the source turns out to be, terror group or just “plain old” hackers, it won’t really matter to the customers.
The size of the breach and the scope of the TalkTalk data loss are most definitely an alarm signal that should be heeded by all big companies catering to a lot of people.
Image source: 1.
Michael Turner
