Scam victim sues TalkTalk

The Mirror reports on Michael Robinson, who is taking British broadband provider TalkTalk to court after they were hacked and he suffered at the hands of scammers:

Mr Robinson, of Whitburn, near Edinburgh, who is claiming "substantial" compensation said: "We have suffered mentally."

He says the crooks also got hold of his wife’s details and photos of his children.

His bank refunded £257 after a conman called, saying he was from TalkTalk.

TalkTalk said: "Scammers only had minimal, inconsequential information."

Minimal? Inconsequential? Hmm. Personally, I think minimal information would have been zero.

The scammers exploited information about TalkTalk customers (including names, dates of birth, address, email address, phone numbers, full bank account numbers and sort codes) seemingly stolen through an elementary SQL injection attack on the TalkTalk website.

In the hands of a criminal such information can easily be used in a scam telephone call to trick the unwary into believing they are talking to a member of TalkTalk staff.

TalkTalk, however, only offered to waive affected customers' termination fees if victims could show that they had lost money as a direct result of the information above being stolen, not as a consequence of a subsequent scam phone call using the sensitive data.

TalkTalk would be wise to consider that trust takes years to build, seconds to lose, and a lifetime to regain (if you’re lucky).

Every one of those scammed customers will never use TalkTalk again, will tell all of their friends and family never to use TalkTalk, and some may even - like Michael Robinson - be tempted to seek financial redress through the courts.

Tags:

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

4 Responses

  1. Techno

    June 27, 2016 at 10:39 am #

    Recently, I started getting faked email header bouncers and I received scam phone calls and text messages by people who knew too much about me. I realised in the end how this had happened:

    1. I used to be a customer of Virgin Media.
    2. When I left some of my Virgin Media email accounts weren't deactivated.
    3. These still active email accounts, along with my financial details, were transferred to TalkTalk last year as part of Virgin's divestment of its telephone line customers (Virgin National).
    4. TalkTalk got hacked.

    So I suffered from the TalkTalk breach even though I have never been a customer of TalkTalk.

  2. Lee Grant

    June 27, 2016 at 8:22 pm #

    I run a computer shop and dealing with customers that receive 'dodgy' phone calls is almost a daily occurrence – the amount of Talk Talk customers contacted far outweighs the others.

  3. Easton Wilson

    August 27, 2016 at 3:00 pm #

    I was a victim of a talk talk scam to the amount not £3866.00 which was taken from account I won't go into detail but it safe to say that I and my family have suffered both mentally and financially because of the scam. Its in the hand of the financial ombudsman who are looking into the case. I fear I will not get my money back, but if anyone can suggest what I could do next it would be much appreciated.

    Regards

    Easton Wilson

  4. Ex TalkTalk Customer

    December 6, 2016 at 12:17 pm #

    I was a victim of a very sophisticated TalkTalk Scam. Luckily I missed being defrauded of £11,000 by a matter of seconds. TalkTalk do not appear to care – they said it was my fault and showed no interest in how the scam was carried out.

    It's a bit like TalkTalk giving out one's name and address and account details to a thug in the street. So when the thug knocks on one's door, calls you by your name, and say they are from a trusted company, its your fault if you open the door and get punched in the face. Ver

Leave a Reply