**Urgent** Cyberattack on TalkTalk website **Urgent**

a reply to: Revolution9

In fact, you can buy lists of us unfortunates who have been compromised on the dark net. They sell huge lists of information of names, personal details and bank accounts there.

"Merchants in the United States are losing approximately $190 billion a year to credit card fraud – much of it online, according to a 2009 Lexis Nexis study – The True Cost of Fraud. Banks lose $11 billion and customers loses about 4.8 billion, so merchants lose almost twenty times as much as banks. " from www.forbes.com...

That is just the U.S. This is craziness.

As a customer with Talktalk I'm disgusted with this company, and the lack security of my personal information.

I've just gone out of my way and switched BB to sky had to bite the bullet of £25 cost, the damage has been done with Talktalk looking to hear from them personally.

B

Hi all, just wanted to give everyone a heads up on this...

I'm with talk talk, I have a calls and Internet package so only usually pay a set monthly fee of 30 something quid. However this morn I have received a bill via email for 331quid which they would have been taking from my bank next week if I hadn't noticed.

I have attempted to call talk talk but at the moment all lines are down with just a standard message saying they were attacked and directing people to their website.

Anyway, just a heads up to keep an eye on your bill too.

Russian Islamist's as the suspect...

That's different.

Cyber security consultant and former Scotland Yard detective Adrian Culley told BBC Radio 4's Today programme that a Russian Islamist group had posted online to claim responsibility for the attacks.

He said hackers claiming to be a cyber-jihadi group had posted data which appeared to be TalkTalk customers' private information - although he stressed their claim was yet to be verified or investigated.

Dido Harding, chief executive of the TalkTalk group, told BBC News the authorities were investigating and she could not comment on the claims.

a reply to: royspeed

What you can do

Keep an eye on your accounts over the next few months. If you see anything unusual, please contact your bank and Action Fraud as soon as possible. Action Fraud is the UK’s national fraud and internet crime reporting centre, and they can be reached on 0300 123 2040 or via www.actionfraud.police.uk
If you are contacted by anyone asking you for personal data or passwords (such as for your bank account), please take all steps to check the true identity of the organisation.
Check your credit report with the three main credit agencies: Call Credit, Experian and Equifax.

Please be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so.

TalkTalk will also NEVER

Ask for your bank details to process a refund. If you are ever due a refund from us, we would only be able to process this if your bank details are already registered on our systems.
Call you and ask you to download software onto your computer, unless you have previously contacted TalkTalk, discussed and agreed a call back for this to take place.
Send you emails asking you to provide your full password. We will only ever ask for two digits from it to protect your security.
We understand this will be concerning and frustrating, and we want to reassure you that we are continuing to take every action possible to keep your information safe.

Tristia Harrison
Managing Director (Consumer)
TalkTalk

23rd October 2015

help2.talktalk.co.uk...

The company is now claiming to have received a ransom...

www.bbc.co.uk...

It all seems a bit too convenient for my liking. Maybe I was totally off-target with my claims against Experian, but I do find it suspicious how TalkTalk immediately offered their services to all of its customers for free. I also do not trust anything which is ever said in British media about either Russia or “Islamists”, let alone “Russian Islamists”. Anyway, no matter which way we look at this.. clearly something very serious has happened.

The article says it was a DDoS, such that resulted in the loss of data. How could that even happen? A DDoS would typically knock a server off-line and thus making it impossible, or at the very least impractical, to harvest massive amounts of data. I can only assume that the intention behind the attack was to get through the security by means of brute-force. So what kind of technique could possibly be used to achieve this? I really do have to wonder about that!

Whatever, I also have to question why TalkTalk did not unplug their systems while this was taking place. It’s not as if it would have happened in a short space of time, this must have taken a while. I mean, how much data are we even talking about? Let’s just think about this for a moment.. how fast could data downloaded by an attacker while their victim is being hit with, let’s for argument’s sake say, 2 gigabytes of traffic from a 10,000-strong BotNet (after all, we’re not exactly talking about ATS being hit with 1gb, they are telecoms)? And the TalkTalk executives just sat there twiddling their thumbs, watching it happen? Wow.

a reply to: VigiliaProcuratio

Have to agree about the Ddos, doesnt sound right, but often access is gained by causing a server to hicup, a controled attack may have enabled that.
Does seem odd though, but maybe its just TT doing damage control on their customers, because for most of them it wouldn't matter what you told them because they havent got a clue.

Talktalk must shoulder 99% of the blame for this one, they are simply trying to shift the spotlight off their own failures, by blaming, whoever it is that they are blaming today. First they blamed ISIS, now the Russian Islamists..

Talktalk databases were sold to scammers by one of their own members of staff in an offshore call center. The ICO (Information Comissioners Office) strongly urged them to encrypt their databases, to make it much harder to just pull information out in the manner that happened.

Talktalk then suffered a serious security breach, and their databases were stolen by hackers. Again the ICO strongly advised them to implement encryption and secure data handling procedures. Other industry experts recommended a physical separation of their accounts systems, and customer facing systems. That is, not just a firewall, but putting them on a private network with no external access even being possible.

And now this, they get hacked again, and its found that their databases were still not encrypted, secure data handling is still not implemented, and their highly sensitive data storage systems are still accessible over a public interface.

One of the arguments against physical separation is that their web applications need to access the customer database, so that people can make changes to their accounts and pay bills. Not true if they use a read-only or caching system.

originally posted by: BMorris
Talktalk must shoulder 99% of the blame for this one, they are simply trying to shift the spotlight off their own failures, by blaming, whoever it is that they are blaming today. First they blamed ISIS, now the Russian Islamists..

Question -

Exactly when did society become of the mindset that if someone breaks the law the victim is the one responsible? These people had to hack into the system. A system they have no business being in since it does not belong to them.

The blame lies with the group who committed the crime - the hackers.

Just had the following message this morning from Talk Talk. It does not look as bad as first thought, no card numbers or bank account details were taken nor passwords.

a reply to: Xcathdra

Apologies for the slow reply, I went away for the weekend, in pursuit of some nice landscape photographs. I was not successful.

Ordinarily, I would be blaming the hackers, but lets be realistic here.

Talktalk has been hacked twice previously, and STILL not taken any active steps to make such attacks harder, or less profitable. Their data is still unencrypted, their web apps are still insecure. After all this attack was a simple SQL injection attack by making one of their web apps "hiccup", according to the technical press.

Only on Saturday, their CEO said admitted that their databases are not encrypted, and will never be encrypted because there is no requirement for it in the Data Protections act. I'm sorry, but anyone who handles data of this nature should take proactive measures to safeguard it, even if the law doesn't require it.

Having read the DPA, I would say they are twisting the spirit of it to avoid encryption too, because encryption is implied even if not explicitly specified.

Its like a bank, leaving the vault unlocked, and the front door open, then saying "It's not our fault, bank robbery is illegal" when they get robbed. Technically true, but they could have done so much more to prevent it in the first place.

So yes, I hold talktalk substantially responsible for this situation.