Home
 » ISP News » 
Sponsored

ISP TalkTalk Failed to Inform 4,545 Customers of 2015 Data Breach

Wednesday, May 22nd, 2019 (10:14 am) - Score 1,853
TalkTalk Logo 2017

The fallout from a 2015 cyberattack against TalkTalk’s UK website, which exposed the personal data of 156,959 customers to hackers, appears to be continuing after a new report alleges that the broadband ISP failed to correctly inform 4,545 customers that their data had been compromised (instead they were told it was NOT exposed).

The attack resulted from a combined Distributed Denial of Service (DDoS) assault and an SQL Injection exploit against TalkTalk’s site (here), which enabled the hackers to access the personal data belonging to 156,959 customers (15,656 of those also exposed sensitive bank account details).

Since then the ISP has been fined £400,000 by the ICO (here) for their “failure to implement the most basic cyber security measures” and several of those involved in the attack have now been jailed. Meanwhile it’s believed to have cost TalkTalk around £77 million to repair and recover from the damage.

However a new investigation by the BBC’s Watchdog TV show found that personal details for a further 4,500 customers (i.e. those who were originally told that their data was safe) could still be found online via nothing more complicated than a Google search. The details included full names, addresses, email addresses, dates of birth, TalkTalk customer numbers, mobile numbers and bank details.

Until very recently the ISP was continuing to tell some of those affected that their details had not been exposed.

A TalkTalk Spokesperson said:

“The 2015 incident impacted 4% of TalkTalk customers and at the time, we wrote to all those impacted. In addition, we wrote to our entire base to inform them about the breach, advise them about the risk of scam calls and offer free credit monitoring to protect against fraud.

A recent investigation has shown that 4,545 customers may have received the wrong notification regarding this incident. This was a genuine error and we have since written to all those impacted to apologise. 99.9% of customers received the correct notification in 2015.

On their own, none of the details accessed in the 2015 incident could lead to any direct financial loss.”

Unfortunately the 2015 breach did result in many of those affected being targeted by calls and emails from fraudsters, who would have been able to use such information in order to make their scams seem more authentic (e.g. posing as bank or ISP support agents). Admittedly there have been so many huge data breaches over the past few years that linking such activity directly back to TalkTalk itself is perhaps an exercise in futility.

The data could conceivably also be used by fraudsters to sign-up for other services, setup direct debits and thus purchase goods on the victim’s behalf.

Add to Diigo
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
4 Responses
  1. Avatar Joe

    “Since then the ISP has been fined £400,000 by the ICO (here) for their “failure to implement the most basic cyber security measures” and several of those involved in the attack have now been jailed. Meanwhile it’s believed to have cost TalkTalk around £77 million to repair and recover from the damage.”

    I’m sure many IT bods reading this will shake their head with a familiar recognition. Its astonishing how many companies – even large ones – still don’t take security seriously. yet the costs of recovering from a breach as above dwarf any ongoing costs.

  2. Avatar Roger_Gooner

    All made worse by the response of the clueless Dido Harding who didn’t resign until 19 months later.

  3. Avatar StillWaitingForSuperFast

    So have the additional 4,545 customers been contacted now?

    As a previous TT customer, how can I tell if this affects me?

  4. Avatar Tom & Jerry

    @StillWaitingForSuperFast

    If you’re a previous customer like me then the answer is no. However you can tell if you’ve been affected by the amount of scam phone calls you get from indian sounding people or robot voices saying there is a problem with your internet service and they are TalkTalk representatives who want to help you with your (non-existant) internet problem.

    We’re still getting them 3 years later after leaving TalkTalk!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £21.00 (*25.00)
    Avg. Speed 50Mbps, Unlimited
    Gift: £50 Shopping Voucher
  • TalkTalk £21.95 (*36.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • xln telecom £22.74 (*47.94)
    Avg. Speed 66Mbps, Unlimited (FUP)
    Gift: None
  • Post Office £22.90 (*37.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Direct Save Telecom £22.95 (*29.95)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2533)
  2. FTTP (2254)
  3. FTTC (1676)
  4. Building Digital UK (1616)
  5. Politics (1444)
  6. Openreach (1432)
  7. Business (1258)
  8. Statistics (1110)
  9. FTTH (1105)
  10. Mobile Broadband (1056)
  11. Fibre Optic (978)
  12. Ofcom Regulation (922)
  13. 4G (918)
  14. Wireless Internet (917)
  15. Virgin Media (870)
  16. EE (602)
  17. Sky Broadband (600)
  18. TalkTalk (586)
  19. Vodafone (532)
  20. 3G (417)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact