Friday, January 15, 2016

Cyber News | TalkTalk Data Breach

Talk Talk Data Breach

In 2015 there was one data breach incident occurred at TalkTalk, a telecommunication service provider from UK. The breach happened as there was vulnerability at the website and the website was compromised.

In October 21, 2015 TalkTalk initially informed the website is just taken down. But later on October 23, TalkTalk have confirmed they have suffered a cyber attack. The CEO confirms that the firm received a ransom message and as well, names, addresses, date of birth, credit card / bank details etc. Of approximately 4 Million customer has been compromised. As of a result of this potential risk to customers’ personal data, Dido Harding, the CEO, urges customers to be cautious of unexpected phone calls that ask for personal information with respect to their TalkTalk accounts.

On October 24, one customer complained that scammers stole cash from her bank account and used it to purchase £600 worth of goods before the card was blocked, whereas another user reports that the hackers interfered with the broadband connection.

Next day on October 25, TalkTalk released an update in which it reveals that the attack was targeted to website not customers. As well company told that they do not keep credit card details on their website.

So very less amount of financial data may have been compromised. Behind this incident one 15 year teen was arrested by the Cyber Crime Division who was associated with the breach. There was SQL Injection attack. 

In November in an update, TalkTalk reports that the total cost of the damages it expects to incur as a result of the October data breach will range between £30 million and £35 million. These damages, the company goes on to explain, are largely due to a “loss of online sales and service capability.”

Security blogger Brian Krebs, citing sources “close to the investigation,” reported that a hacker group had demanded a ransom of £80,000 in bitcoins (about $122,000) in exchange for a stolen cache of customer data.

Just for the update and information on how personal and sensitive information can be stolen.

-DR


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Network Scanning Tools

Network Scanning through Nmap and Nessus Network scanning is a process used to troubleshoot active devices on a network for vulnerabilities....

  • Basics of Ethernet
    Ethernet   Ethernet is the Media access method in a network where all the device or hosts , that share data or share the bandwidth in betw...
  • Telecom | STM-1/4/16 SDH Multiplexer- Part 2
    STM-1/4/16 SDH Multiplexer In my older post I have covered the basic STM and STM-1. STM1 is a synchronous digital hierarchy (SDH) is standar...
  • General IT Controls -ITGC & GTAG
    General IT Controls (GITC or ITGC) Information Technology General Controls is a type of internal controls which is combined a set of policie...