» ISP News » 

A Quick Note – TalkTalk’s Latest UK Personal Data Breach and Website Woe

Friday, August 21st, 2015 (7:45 am) - Score 2,011

The Carphone Warehouse (CPW) recently suffered a massive breach of its customers personal data, which is believed to have potentially affected 2.4 million people, but not everybody seems to be aware of how this also affected other communications providers like TalkTalk.

The breach, which followed a “sophisticated cyber-attack” by hackers, was widely reported in the news as impacting CPW and as such some consumers may have skipped the news and thus might not be aware that it also hit various other associated providers.

In particular, CPW also runs TalkTalk’s mobile site (mobile.talktalk.co.uk), which along with the rest of the ISP was offline for most of this morning due to significant “maintenance” work. The related work was supposed to last from midnight to 6am, yet at the time of writing their primary websites and member account services are still down.

Unfortunately the data breach means that around 480,000 of TalkTalk’s mobile customers were potentially affected.

TalkTalk’s Statement

On Wednesday 5th August, our partners at Carphone Warehouse advised us that our mobile sales site (mobile.talktalk.co.uk), which they host, was subject to a sophisticated and co-ordinated cyber attack, along with a number of other similar websites.

As soon as they realised this, Carphone Warehouse shut down the sites. They’re now working with a leading cyber security firm to make sure our mobile sales website is completely secure.

However, we believe that some of our mobile customers’ data may have been accessed by the criminals. This includes customers’ names, addresses, dates of birth, bank details and other personal and TalkTalk account information.

For some of the affected customers, this may have also included their My Account username and passwords – for these customers, we have already suspended their accounts until they can reset their password.

We take our customers’ security very seriously, and we’ve already put in place additional security measures to prevent further attacks. We’ve also sent an email to all customers who we believe could have been impacted by this issue.

Sadly this is not the first time that personal data has been stolen from TalkTalk and another breach last year ultimately resulted in their customers being bombarded by a multitude of calls from spammers and fraudsters (here), which was exasperated by the providers failure to correctly inform its customer base in a timely fashion.

At least this time around they’ve been much quicker and more effective, albeit more on the information side than the security one. TalkTalk’s mobile customers are often also subscribers to the providers fixed line broadband and home phone products. A help page has also been setup, although at the time of writing this is not fully functional due to the protracted website “maintenance“.

UPDATE 12:39pm

The ISPs website(s) has now been down for over half a day, well past the original 6am target.

TalkTalk Status Update (9:55am)

Currently access to TalkTalk Website, TalkTalk sales for online orders, My Account and Webmail servcies are unavailable.

Customers will be unable to make any account changes, make payments either online or via phone, request upgrades or add boosts.

If you do need to call our colleagues to make any account changes or make payments etc, we do ask that you please call in the aftenoon.

We sincerely apologise for any inconvenience cause, and do assure you, our engineers are working to resolve this as quickly as possible.

Customers who require access to Web Mail services may be able to gain access via www.mail2web.com .

UPDATE 3:20pm

The site and services are back online, albeit a bit slower than usual.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
5 Responses
  1. Carl says:

    Compromises happen, it’s how you deal with them that counts.

    My dad was not amused about their email suggesting he take a 30 day Experian trial (which he can’t as he’s already had one) to protect himself against their breach.

    You’d think there would be some way in which they could partner to provide free scoring services if they’re going to have frequent breaches.

  2. Bob2002 says:

    I have a TalkTalk mobile account, I have not received any notification about the data breach – they still manage to send me bills correctly. I found out about the breach by chance. I find this state of affairs disgusting.

  3. Kam says:

    Wonder if this is linked? I have an excellent credit rating…well I did until I checked this morning. Turned out that talktalk has done something to affect it, in the past couple of days. It has plummeted from excellent to poor overnight! Unfortunately I can’t get through to them, as we all know that their lines are down. And by the way, it can’t be due to a late payment as I used their pay in advance scheme to get a 10% discount. So maybe something more serious has happened?

  4. Ignition says:

    Why in the name of all that is holy were passwords being stored in plain text?


  5. Mrs J says:

    This happened to me this morning! I,thankfully, picked up on an anomaly in the information they provided, but they did have my customer reference number, name and address!!!!

    I called Talk Talk, they confirmed they hadn’t called me, but didn’t seem surprised, or even concerned! Absolutely appalling response from them ‘i have made a not on your account….etc’ The person I spoke to, said they had sent all customers and an email about the potential breach, I never received anything, and they were unable to confirm when the email or the letter had been sent, not great confimation on their behalf.

    They claimed it was in the press too? I don’t walk round with my eyes shut, or my ears closed but definitely do not know anything about this. I looked it up on Google, and found an article from February this year in the Guardian. The conversation the victim in the article had with the the Scammers matched the conversation I had this morning.

    There is nothing on their website that is visible, why aren’t they making this more public, essentially this could be life changing for some people to loose £2k ++.

    Also how can this STILL be going on for at least 8 months, what is being done about this by TT and CPW?

    Having experienced this myself today, it is so easy to see how someone could fall for it!! Scary!!!!

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Vodafone £19.50 (*22.50)
    Speed 38Mbps, Unlimited
    Gift: None
  • NOW £20.00 (*32.00)
    Speed 36Mbps, Unlimited
    Gift: None
  • Hyperoptic £20.00 (*25.00)
    Speed 50Mbps, Unlimited
    Gift: Promo Code: BIRTHDAY10
  • Shell Energy £21.99 (*30.99)
    Speed 35Mbps, Unlimited
    Gift: None
  • Plusnet £22.00 (*38.20)
    Speed 36Mbps, Unlimited
    Gift: £60 Reward Card
Large Availability | View All
Cheapest Ultrafast ISPs
  • Gigaclear £24.00 (*49.00)
    Speed: 300Mbps, Unlimited
    Gift: None
  • Vodafone £24.00 (*27.00)
    Speed: 100Mbps, Unlimited
    Gift: None
  • Community Fibre £25.00 (*27.50)
    Speed: 200Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00 (*35.00)
    Speed: 150Mbps, Unlimited
    Gift: Promo Code: BIRTHDAY10
  • Virgin Media £28.00 (*52.00)
    Speed: 108Mbps, Unlimited
    Gift: None
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (3553)
  2. BT (3021)
  3. Politics (1936)
  4. Building Digital UK (1924)
  5. FTTC (1887)
  6. Openreach (1834)
  7. Business (1690)
  8. Mobile Broadband (1478)
  9. Statistics (1408)
  10. FTTH (1365)
  11. 4G (1276)
  12. Fibre Optic (1172)
  13. Virgin Media (1167)
  14. Wireless Internet (1159)
  15. Ofcom Regulation (1147)
  16. Vodafone (845)
  17. EE (834)
  18. 5G (770)
  19. TalkTalk (769)
  20. Sky Broadband (747)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact