
UK ISP TalkTalk Reveals Precisely How Much Data Was Stolen in Hack

Friday, October 30th, 2015 (1:39 pm) - Score 1,184

Internet provider TalkTalk has today confirmed exactly how much data was compromised in last week’s website hack and the good-ish news is that less than 21,000 unique bank account details were stolen, although 1.2 million customer email addresses, names and phone numbers weren’t so lucky.

The hack, which was the result of a combined Distributed Denial of Service (DDoS) assault and later an SQL Injection exploit against TalkTalk’s website, has kept the ISP’s online ordering system offline for over a week. Outside of that the Metropolitan Police’s Cyber Crime Unit has also made two arrests around the UK, both of which appear to involve teenage boys.

Meanwhile the ISP, which is clearly aware that their reputation has taken a significant beating (well it was the third such incident inside of 12 months), have continued to try and be as open and honest as possible with their customers and the public. Admittedly that hasn’t always gone as planned and TalkTalk’s CEO, Dido Harding, sometimes said the wrong things.

Nevertheless, we’ve today been given more information to help clarify precisely what information was accessed by the hacker(s), and the good news is that most of TalkTalk’s customers won’t have been affected by the loss of sensitive financial data. Mind you, a lot of general personal data was still compromised.

Update on Cyber Attack (30th October 2015)

Since the cyber attack on our website on Wednesday 21st October 2015, we have been working to establish what happened and, importantly, understand the extent of any individual customer data stolen during this attack. In light of the potential scale of attack, our responsibility last week was to inform all customers as quickly as possible. Our investigation continues, but we now know the extent of the data accessed is significantly less than originally suspected and can confirm that the following personal data were accessed:

– Less than 21,000 unique bank account numbers and sort codes;

– Less than 28,000 obscured credit and debit card details (as previously stated, the middle 6 digits had been removed)

– Less than 15,000 customer dates of birth

– Less than 1.2 million customer email addresses, names and phone numbers.

As we have previously confirmed, the credit and debit card details cannot be used for financial transactions. In addition, we have shared the affected bank details with the major UK banks so they can take their usual actions to protect customers’ accounts in the highly unlikely event that a criminal attempts to defraud them. We also encourage all our customers to take up the free 12 months of credit monitoring alerts with Noddle, one of the leading credit reference agencies, using the code TT231.

Even though the scale of the attack is significantly smaller than initially suspected, we continue to advise customers to be vigilant, and to take all precautions possible to protect themselves from scam phone calls and emails. We want to make customers aware that we will not call or otherwise contact them regarding this incident and ask for bank details or other financial or personal information.

It’s important to reflect that TalkTalk doesn’t store complete credit and debit card details on their website, which is what was hacked. All of the exposed card details had a series of numbers hidden and therefore are not usable for financial transactions (e.g. 012345 xxxxxx 6789). TalkTalk’s “My Account” passwords were also NOT accessed.

Dido Harding, CEO of TalkTalk, added: “Given the potential size of this attack, we decided to be as open, honest and transparent as we could because we wanted to keep our customers informed and ensure they had the advice and support they need.

Today we can confirm that the scale of attack was much smaller than we originally suspected, but this does not take away from how seriously we take what has happened and our investigation is still ongoing. On behalf of everyone at TalkTalk, I would like to apologise to all our customers. We know that we need to work hard to earn back your trust and everyone here is committed to doing that.”

Incidentally a third person, this time a man (aged 20), has also been arrested in connection with the hack. The previous two arrests involved young teenage boys.

By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England). He also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments.
9 Responses
  1. FibreFred

    Nothing on lessons learned then?

    No from the ground up look at security of all systems etc etc? If they want people to stop with them or sign up new people want to know what they’ve taken away from this experience, what are they doing to try to prevent a fourth or fifth compromise of service?

    Otherwise it’s

    “I would like to apologise to all our customers. We know that we need to work hard to earn back your trust and everyone here is committed to doing that.”


    “Is anyone there?”

    • Bob2002

      Apparently this time it was a couple(?) of teenagers that caused a complete panic, they are just lucky it wasn’t organised crime or somebody more malicious. If teenagers can break your security then so can everyone else.

    • Gadget

      Having skimmed the pages of the FT Weekend on the newsstand today it was claimed that the weaknesses in the Talktalk site were known and discussed in forums beforehand and there were around 11 weaknesses/vulnerabilities being discussed. Unfortunately the digital version is behind the paywall, but if proven true then it can only add to the woes.

    • Mike C

      Standard practice for them though, reacting rather than preventing

  2. dragoneast

    Would I want to know exactly what security actions TalkTalk are doing? If I know so do all the criminals and hackers. They just need to do it, properly; so no more events. And their CE needs to keep her hand on the tiller.

    • FibreFred

      No specifics dragoneast just a statement stating they are doing it

      Otherwise people will assume no change and it’s not a bad assumption being it’s the third attack in a year

  3. Lynda Levy

    TalkTalk are still telling their customers to sign up with Noddle, knowing full well that Noddle cannot cope with the volume of TalkTalk customers attempting to access their service. I was promised at the beginning of this week that TalkTalk would be offering an alternative to their customers, but so far nothing. Noddle have admitted they can’t cope; TalkTalk is aware of the problem and is, as usual, ignoring it.

    It’s an utter disgrace.

  4. hmmm

    pay peanuts you get isp run by monkeys

    • Mike C

      I hear what you’re saying, however they can do so much more to get it right, regardless of what they charge. They made enough money when they started, they just didn’t invest it right and as I said above, they react rather than prevent
