It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
A 15-year-old boy has been arrested by police investigating an alleged hacking attack on the TalkTalk website.
He was held on suspicion of offences under the Computer Misuse Act, following a major breach of the telecoms firm's website last week.
as weird as this world is that wouldn,t surprise me if that actually happened.
originally posted by: Qumulys
More astounding is that the data stored at talktalk containing customers details was not encrypted. A company that large had no encryption? Maybe they should hire the kid to get them to sort their crap out.
maybe i,ll get away with just offering him double his pocket money and save myself a few quid
originally posted by: Brotherman
a reply to: sparky31
I know I would
well if its the Jihadists then i hope hacking them is as stressful as what customers have to deal with,joking aside i actually do believe it is a 15 year old,its like in school playground,trying to make a name for himself in the hacking world and after this hes going too.
originally posted by: Xcathdra
a reply to: sparky31
So is it the 15 year old or the Jihadists?
TALKTALK BOSS Dido Harding has come under fire after saying in an interview that her company had broken no laws by failing to encrypt data.
The new holder of The INQUIRER's honorary 'Missing The Point Entirely' award, told the Sunday Times (paywalled) that her company's data "wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information."
yeah i saw her do her interviews on the news and i must have saw a minimum of 15 of them and if she wasn,t reading from a script then i was dreaming the same dream everynight.
originally posted by: Qumulys
a reply to: sparky31
It actually does happen quite often in the industry, mostly because it forces the companies to admit that they know the bare minimum about internet security.
But for a "tech" company, that has now been hacked 3 times in the last year now to still not have any encryption on customers personal and financial details is an appalling level of ignorance in this day and age. So is what the CEO had to say about it;
TALKTALK BOSS Dido Harding has come under fire after saying in an interview that her company had broken no laws by failing to encrypt data.
The new holder of The INQUIRER's honorary 'Missing The Point Entirely' award, told the Sunday Times (paywalled) that her company's data "wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information."
Which is the ceo equivalent of saying "Mum technically did not specifically mention to not set fire to the curtains, not my fault the house burnt down"
Makes you wonder how these companies get so big in the first place..
Source
seriously what you just said to me could have been written in russian and i would have understood it just as well lol
originally posted by: stormcell
According to other forums, customer data was stored in an SQL database server, and the hack was performed using SQL injection across the internet. So all this kid was going was sending SQL requests to their servers and he got lucky.
Maybe he just modified one of PHP website addresses just to see what would happen. With many websites, you manage your user data through http links such as:
duhinc.com/customerservice/getuserdata.php#userid=8493742934#task=preview
He could have just setup a script to cycle through all the userid's.