Hacked TalkTalk says that it has received ransom demand

TalkTalkTalkTalk has said that it has received an email demanding a ransom be paid, after it suffered a hack which has potentially put the details of up to four million customers at risk.

Speaking to the BBC, TalkTalk confirmed that it had suffered from a distributed denial-of-service (DDoS) attack that disrupted its website earlier this week. Last night the telecoms firm revealed that information such as customers' names, addresses, phone numbers, dates of birth, and bank details could now be in the hands of hackers.

The Metropolitan Police's cybercrime unit is investigating, and customers are being told to watch their bank accounts for unusual activity, and contact Action Fraud UK if they spot anything suspicious.

Earlier a message had been posted on Pastebin claiming to be from the attackers, including what was said to be customer data.

Pastebin

Of course, because TalkTalk has suffered a series of security breaches in the last year it's hard for anyone on the outside to confirm that the data shared in the unverified Pastebin message is from the latest security breach, or if it is from the group who emailed TalkTalk.

Dido Harding, chief executive of Talk Talk, told the BBC that the email had demanded not just that a ransom be paid for the safe return of stolen data, but also to prevent further denial-of-service attacks.

"Yes, we have been contacted by - I don't know whether it's an individual or a group purporting to be the hacker. I personally received a contact from someone purporting - as I say, I don't know whether they are or are not - to be the hacker, looking for money."

Harding admitted that the company could have done more, but added that there is probably no company which couldn't do more to protect its systems.

On the BBC News at One, TalkTalk's CEO was quoted as saying that the company was unable to confirm what stolen data might have been encrypted - and which wasn't.

Such uncertainty is not going to comfort customers I suspect.

If the attackers did attempt to blackmail TalkTalk it certainly wouldn't be the first time that hackers have tried to extort money from the company it was attacking through a denial-of-service attack. If they had also managed to steal TalkTalk customer data then they are just turning the thumbscrews that little bit tighter...

Tags: , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , ,

5 Responses

  1. artesea

    October 23, 2015 at 2:51 pm #

    The first two tables on pastebin have old data 2011 and 2012, however the final example has records from August this year. Of course the dates could have been edited by those posting.

  2. coyote

    October 24, 2015 at 2:16 am #

    'Harding admitted that the company could have done more, but added that there is probably no company which couldn't do more to protect its systems.'

    Harding is wrong! Just ask the CEO of Sony! He'll tell it how it really is! There are some attacks that simply cannot be countered! This includes stupidity (case in point: Sony CEO)

    (Okay, yes, Harding actually is right but that's a given since it is a constantly evolving battle)

  3. autan

    October 25, 2015 at 12:02 am #

    Now come on everyone, last weeks episode of Homeland showed a security data breach of the CIA in Berlin and just 3-4 days later, talktalk end up with a data breach.

    It seems obvious to me, that whoever did this, watched Homeland and had a pop at Talk Talk.

    Rule Number 1: Always store your data encrypted in your database.

    Rule Number 2: Never store bank details or credit card details without very strong encryption anywhere near the internet, unless you restrict it to admin privileges.

    If I was advising the Police, I would start by taking a look at how the breach happened and trace the IP addresses back to the proxies. From there you will be able to force the proxy companies to give you the real IP addresses.

    Sooner or later we have to stop being complacent, this happens all the time, so we need to take steps to prevent the people who pay us their money, from having their data stolen.

  4. David L

    October 25, 2015 at 1:14 am #

    Oh sure,deflect incompetence by blaming others for week security. " See,we are in good company" others need to do a better job too!

    I don't care who the company is, heads need to roll. People have enough to worry about these days.

  5. The Truth

    October 26, 2015 at 6:42 pm #

    It seems strange this story.

    Hackers dont just steal details. They would have caused harm in other ways. Talk Talk sold the information guaranteed and are now blaming hackers! Its all a fake sham scam done by that fork tongued woman they call a CEO.. She is a crook and she knows it!

Leave a Reply