23 October 2015
2 min read
TalkTalk, one the UK's largest providers of broadband and communications to business and personal users, has confirmed a data breach by cyberattackers - for the third time this year.
Dido Harding, TalkTalk's chief executive, could not confirm how many of its 4 million customers could be affected by the hack, which may include credit card and other bank details.
“On Wednesday lunchtime, all we knew was that our website was running slowly and that we had the indications of a hacker trying to attack”Dido Harding, chief executive at TalkTalk
Ms Harding told ITV's Good Morning Britain: "I can't even tell you today exactly how many customers have been affected. We have tried to come public as fast as we can once have got a reasonable idea of what potential data has been lost."
While this attack joins a long list of similar attacks recently, this event is especially severe as a person claiming to be the hacker, or representing the hacker or hackers, has contacted Ms Harding directly - to demand ransom.
"We have been contacted by, I don't know whether it's an individual or a group purporting to be the hacker," Ms Harding then told the BBC. "I personally received a contact from someone purporting - as I say, I don't know whether they are or are not - to be the hacker, looking for money."
Although Ms Harding stresses the three hacks this year are "completely unrelated", the third attack this year has prompted the TalkTalk Chief Exec to question if more could have been done to prevent it.
"With the benefit of hindsight, were we doing enough?" she asked. "Well, you've got to say that we weren't and obviously we will be looking back and reviewing that extremely seriously."
The demand for ransom marks a new level of severity for IT security concerns, if the demand is met it may spur on other attackers to seek financial gain while if it is not, millions of customers' data could be released publicly, putting much more at risk than just TalkTalk's reputation.
While similar recent hacks of Sony and Ashley Madison were brushed off by some for their apparent ethical motivations - however spurious - the progression of cybercrime to ransom demands is a worrying development which could put many more businesses, even those without contentious or provocative standpoints, at risk.
According to a recent Government poll, almost a quarter of small business owners consider cyber security 'too expensive to implement' while 22% admit they have 'no idea where to start'. These findings have prompted the Government to set up a list of recommended IT security policies for businesses as well as a £5,000 grant to help implement them.
For TalkTalk's customers, the Guardian has compiled a list of precautions users should take to be alert for fraudulent activity.
TalkTalk will now face an uphill battle to recover from the latest breach and offer yet another example of the imperative of doing everything possible to protect sensitive data, a fact Ms Harding is eager to stress.
"Whether it is the US government, Apple, a host of companies, cybercrime is something we all need to get better at defending ourselves against."Dido Harding, TalkTalk