430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

TalkTalk data breach, hackers compromised 4 million customer records

The British Internet Service Provider TalkTalk discloses possible breach and admits some data are not encrypted. The investigation is still ongoing. Another illustrious victim of a data breach is in the headlines, TalkTalk Telecom Group plc has announced that four million subscribers may have been impacted by a “sustained cyberattack” that hit its servers. TalkTalk Telecom […]

talktalk

The British Internet Service Provider TalkTalk discloses possible breach and admits some data are not encrypted. The investigation is still ongoing.

Another illustrious victim of a data breach is in the headlines, TalkTalk Telecom Group plc has announced that four million subscribers may have been impacted by a “sustained cyberattack” that hit its servers.

TalkTalk Telecom Group plc is a British ISP which offers pay television, telecommunications, internet access, and mobile network services to businesses and consumers in the United Kingdom.

According to the company personal and financial information, including bank details, have been exfiltrated by the threat actors. This mean that four million subscriber’s records containing names, home addresses, dates of birth, phone numbers, email addresses, bank account info and credit card numbers have been compromised by the hackers. The bad news is that TalkTalk also admitted that not all of the data potentially compromised was encrypted.

TalkTalk

The TalkTalk company took down its website two days, officially reporting a broadband outage.

“The TalkTalk website is unavailable right now. Sorry we are currently facing technical issues, our engineers are working hard to fix it. We apologise for any inconvenience this may cause.” stated the TalkTalk website.

A few hours ago TalkTalk issued an official statement informing the customers the Met Police Cyber Crime Unit has launched a criminal investigation “following a significant and sustained cyberattack on our website.”

“Today (Thursday 22nd October), a criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyberattack on our website yesterday. That investigation is ongoing, but unfortunately there is a chance that some of the following data has been compromised: names, addresses, date of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details. ” report the statement.

The TalkTalk CEO, Dido Harding, declared that its company gives a great importance to customers’ security, the company “constantly updates its systems” to protect against the “rapidly evolving threat of cyber crime.”

In response to the attack, the company is contacting its customers to provide the necessary support to avoid any abuse, the company will probably offer one-year of credit monitoring to all customers.

“As soon as we realized the website was under attack, we pulled the site down in an effort to protect data…As a further precautionary measure, we contacted our customers straight away to warn them of the potential risk and provide advice on what to do.” said Harding.  

This is not the first time that crooks target the TalkTalk company, earlier this year scammers conducted a series of social engineering attacks on its customers in an attempt to convince them to provide their bank account details.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – TalkTalk, data breach)