Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Communications Crime Privacy United Kingdom

TalkTalk Hack: 4% of Customers' Data Accessed In Cyber Security Breach 25

Amanda Parker writes: TalkTalk has announced that 156,959 customers had their personal details accessed as a result of the recent attack on its website, in which 15,656 bank account numbers and sort codes were stolen. In an update, the firm also said the 28,000 credit and debit card numbers that were accessed were obscured, i.e. had part of the number asterixed out, and so are unusable for financial transactions. They were also "orphaned", says TalkTalk, so customers are unable to be verified by the stolen data.
This discussion has been archived. No new comments can be posted.

TalkTalk Hack: 4% of Customers' Data Accessed In Cyber Security Breach

Comments Filter:
  • by turkeydance ( 1266624 ) on Friday November 06, 2015 @07:01PM (#50880959)
    but TalkTalk was "attacked". vice/versa
  • by Anonymous Coward on Friday November 06, 2015 @07:05PM (#50880973)

    "TalkTalk" is a thing that exists, apparently.

    • by KGIII ( 973947 )

      According to someone from the UK, in a previous thread on this subject, TalkTalk is actually large service provider (internet and cellular phone services - as I recal) in the UK with some fairly decent numbers. Though, a quick bit of math in my head indicates this number is only 4,000,000 or slightly less. So, I'm not sure how that relates to the prior comments about the business? Maybe there were only four million customers for this particular service? The prior poster indicated that TalkTalk was 4th in on

      • by xaxa ( 988988 )

        Fixed-line internet and phone, plus IPTV. They are also a virtual mobile operator, I don't think they've got many customers for this.

        There are about 27 million households in the UK, so 4 million is a decent portion of the total market.

  • by garlicbready ( 846542 ) on Friday November 06, 2015 @07:22PM (#50881029)

    One question to ask is, were Talk Talk PCI DSS 3.1 Compliant?
    Were they using software for change control, and logging of device event logs?

    If your storing credit card data, then these standards require you to use software that recomends locking down kit, and logging via event logs to see who's broken in etc
    Also to get the certified you need to be audited by an external auditor, have monthly updates, 3 monthly scans, 6 monthly sotware updates etc.
    I can't help but think with all these break ins, it's just piss poor admin / or cheapness that's at fault

  • by nickweller ( 4108905 ) on Friday November 06, 2015 @07:24PM (#50881043)
    How do TalkTalk know how many records were downloaded, as TalkTalk didn't even notice when the original hack took place.
    • How do TalkTalk know how many records were downloaded, as TalkTalk didn't even notice when the original hack took place.

      The police have arrested some children and asked them.

  • Asterixed out: Having little cartoon dudes with magic strength potions drawn over them.

To be awake is to be alive. -- Henry David Thoreau, in "Walden"

Working...