TalkTalk under cyberattack

by Mark Rowe

The telecoms firm TalkTalk has reported what it calls ‘a significant and sustained cyberattack on our website’. The company said that the hackers may have accessed its customers' names, addresses, dates of birth, email addresses, telephone numbers, account information, and credit card and/or bank details. The internet service provider advised customers to keep an eye on their accounts over the next few months. It stressed that TalkTalk will never call customers and ask for bank details unless it already has specific permission to do so.

Visit http://help2.talktalk.co.uk/oct22incident

Comments

Justin Harvey, CSO of Fidelis, said that the TalkTalk data breach will no doubt send shockwaves throughout the UK. “The sheer number of people that will be affected by this breach, in a personal and business capacity, means that it will be one of the defining cyber attacks of 2015. The pivotal point being that, reportedly, not all of the data held by TalkTalk was encrypted. It is the responsibility of organisations to encrypt all personal data at rest and in transmission; there is technically no reason not to have done this.”

John Smith, Principal Solutions Architect, Veracode, said: “This high profile breach – in which names, addresses, and credit card details are at risk – only highlights the importance of regularly testing applications and remediating vulnerabilities. Companies should learn from this by adopting a proactive approach to cyber-security, frequently assessing the robustness of their networks and ensuring critical customer data is protected. They should also be ready to react, should a breach occur, to ensure they have communicated the situation with their customers and reassured them that everything is being done to plug any gaps.”

Raj Samani, CTO for Intel Security EMEA, said: “Initial reporting suggests that this attack leveraged DDoS as a potential smokescreen to hide the cyber criminals' ultimate goal – data theft on a huge scale. While it is too early to draw conclusions, we know from previous incidences, such as Operation Troy, that this tactic has been successfully used in the past. Whatever the attack method used, potentially affected customers will understandably be more concerned with finding out whether their data has been compromised. Our Hidden Data Economy report recently revealed that the marketplace for stolen data is thriving. Not only are huge amounts of stolen information readily available online, but buyers do not even have to delve into the darknet to access this information. Almost any information you can imagine can – and is – being sold online, extending far beyond credit card details.

“Data breaches and hacks are hitting the headlines on a regular basis, leaving swathes of sensitive customer details in the hands of criminals. Businesses should be ensuring the right security measures are in place to effectively protect this information. Affected organisations are learning that a quick reaction is vital – recognising when a data breach has occurred and moving quickly to inform customers is key if they are going to stop cyber criminals from exploiting any stolen data.”

Richard Brown, Director EMEA Channels and Alliances at Arbor Networks, said: “This is just the most recent attack in what is a long line of breaches against large well-known organisations storing huge volumes of at-risk customer data. Dido Harding already reiterated that cybercrime is the ‘crime of our generation’, something that the ONS realised last week when it was included in its official crime report for the first time.

“All organisations should view this attack as the latest warning that they need to sit up and realise that cybercrime is now one of the biggest threats to their reputation, profitability and customer base. Tools and processes should be put in place to protect the network and deal with any issues if an attack does occur. As the wide range of organisations shows – any business is at risk. However, customers need to also take responsibility for their personal data. Simple steps can be taken to reduce the impact to them if such attacks do occur such as using different passwords for different accounts.”

Benjamin Harris, Managing Security Consultant of MWR InfoSecurity advised: “As always when there is a concern that payment data may have been breached, consumers should pay attention to transactions made on their debit and credit cards and report any suspected fraudulent transactions to their card issuer. Being proactive will help to limit any damage caused by exposure of credit card information, however if consumers are heavily concerned about the confidentiality of their debit or credit card, it is recommended that they contact their card issuer to provision replacement cards, thus invalidating the previous credit or debit card used.

“It appears that TalkTalk have been proactive in this instance, and have done the correct things by issuing a public statement and involving the relevant authorities, allowing the attack to be investigated and thus limit any further damage.

“Incident response is a necessity for most organisations. In this case, it is important that organisations are both proactive and honest about any security breaches, and that they enlist the correct help from the outset. Identifying the attack mechanism is an important step in mitigating the risk, and pre-emptive actions (such as immediately destroying an infected machine) could lose vital evidence that would be useful in identifying the actual impact.

“Organisations should also regularly test their incident response plans. For example, logging and monitoring systems may not be regularly inspected. Realising that a log collation server has not been working for months and has not recorded information relating to a breach can be very frustrating, and these issues can be avoided with regular inspection.”

And Richard Beck, head of cyber security at QA, said: “Breaking news of the DDoS attack against TalkTalk underlines the fact cyber crime is a clear and present danger to all businesses. Regardless of size, industry or geography, cyber crime knows no boundaries. When it comes to mitigating the risk of a cyber attack, organisations should take the following approach – detect, defer, defend. A key element of this preparation is ensuring that employees have a good understanding of the threat landscape together with the steps they can take to help keep these increasingly sophisticated and determined cyber criminals at bay.”

ICO ID theft advice: https://ico.org.uk/for-the-public/identity-theft/
