talk talk_Logo

Talk Talk Terror, and their response

It’s very much a case of “another week, another attack” I’m afraid. Unfortunately for what is thought to be around four million people, the attack this week was at telecommunications group Talk Talk.

However, news breaks today that the attack is limited in its scope, and may not be as bad as previously thought (see BBC News running the story). Instead of an attack on TalkTalk’s data servers, the attack is now believed to have been on TalkTalk’s website. This adds another layer to what is already a convoluted story, so I have summarised the key facts below:

  • Any card details stolen would have been incomplete. These would not have been usable for transactions on their own, but they still present a risk (for instance when combined with data from other breaches).
  • Email addresses could have been stolen.
  • TalkTalk do not know how much of the information was encrypted, or whether the hackers had access to as much data as they claim to have had.
  • Any information issued by TalkTalk is available on their own website, although they have been criticised for not providing enough information to customers.
  • Free credit monitoring has been offered to all TalkTalk customers, and it is advisable to use it. However, the monitoring provider’s site could itself be attacked, or become a target in the wake of the TalkTalk attack, so the best plan of attack in the short term is to monitor your own accounts directly. (Update: After feedback from Daly in the comments below, it has become apparent that TalkTalk are looking into providing this, rather than having anything concrete in place.)
  • Police and “cyber crime experts” are continuing an investigation into the attack and trying to determine what data has been compromised. Again, the TalkTalk website is the most reliable source of information on this.

So while the impact of the attack could be massive, it also highlights an “inconvenient truth”, for want of a better phrase: companies and the general public are simply not prepared to deal with a cyber attack. Not only is data not adequately protected in the first place, there are no clear recovery procedures in place either, and since the attack TalkTalk have been running around like a headless chicken. This is obviously incredibly unnerving for consumers, as it seems like TalkTalk are withholding information. The reality is far more disturbing: they don’t actually know the information themselves.

I therefore recommend that you personally create an action plan, so that you can take steps to protect yourself should a site that holds information on you become compromised. Obviously I cannot post a generic plan that applies to everybody, but actions such as changing passwords (and not reusing them across sites) and monitoring bank accounts should be fairly standard. The rest is variable. To help you determine whether any data on you has been taken from a compromised site, I recommend haveibeenpwned.com. This site is maintained by security researcher Troy Hunt, and is excellent for telling you whether or not you need to take steps to protect yourself.
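As an added example (not part of the original post, and not TalkTalk’s or Troy Hunt’s code), the block below shows the “change your passwords” step done safely against the same haveibeenpwned.com service, using its Pwned Passwords range API. The breached-account (email) lookup needs an API key, whereas the range endpoint is keyless and designed around k-anonymity: only the first five hex characters of the password’s SHA-1 hash are sent, and the 35-character suffix is matched locally, so the service never learns which password you checked. The `SAMPLE_RANGE_5BAA6` body and its counts are constructed for the example so it runs offline; `fetch_range_live` shows the real call for when you do have network access.

```python
"""k-anonymity check of a password against Pwned Passwords (added example)."""
import hashlib
import re
import urllib.request
from typing import Callable, Dict, Tuple

# Real endpoint of the Pwned Passwords range API. Only the first five hex
# characters of the SHA-1 hash are ever sent, so the service cannot learn
# which password (or which full hash) you are checking.
RANGE_URL = "https://api.pwnedpasswords.com/range/"

# One response line: 35 upper-case hex characters, a colon, a decimal count.
SUFFIX_LINE = re.compile(r"^([0-9A-F]{35}):(\d+)$")


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """Split the upper-case hex SHA-1 of a password into a 5-char prefix and 35-char suffix."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse the 'SUFFIX:COUNT' lines of a range response into a dict.

    Malformed lines are skipped rather than trusted: the response is data
    from the network like any other and should not be able to crash the check.
    """
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        match = SUFFIX_LINE.match(line.strip())
        if match:
            counts[match.group(1)] = int(match.group(2))
    return counts


def fetch_range_live(prefix: str) -> str:
    """Fetch one hash range from the real API (network access required)."""
    request = urllib.request.Request(
        RANGE_URL + prefix, headers={"User-Agent": "breach-action-plan-example"}
    )
    with urllib.request.urlopen(request, timeout=10) as response:
        return response.read().decode("utf-8")


def pwned_count(password: str, fetch_range: Callable[[str], str] = fetch_range_live) -> int:
    """Return how many times the password appears in the corpus (0 = not found).

    The full hash never leaves this process; the suffix match is done locally.
    """
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


# Constructed sample of what a range response looks like (not real API data).
# It contains the genuine suffix of SHA-1("password") with a made-up count,
# alongside invented neighbours and one junk line, in the real line format.
SAMPLE_RANGE_5BAA6 = (
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493\r\n"
    "1E4C9B93F3F0682250B6CF8331B7EE68FD9:2\r\n"
    "not a valid line\r\n"
    "0123456789ABCDEF0123456789ABCDEF012:7\r\n"
)


def sample_fetch(prefix: str) -> str:
    """Offline stand-in for fetch_range_live, keyed on the hash prefix."""
    if prefix == "5BAA6":
        return SAMPLE_RANGE_5BAA6
    # Any other range: a single unrelated entry, so lookups come back as 0.
    return "0123456789ABCDEF0123456789ABCDEF012:7\r\n"


if __name__ == "__main__":
    for candidate in ("password", "abc"):
        hits = pwned_count(candidate, sample_fetch)
        verdict = f"seen {hits} times, change it" if hits else "not in the sample range"
        print(f"{candidate!r}: {verdict}")
```

To run it for real, call `pwned_count("your-candidate-password")` with the default fetcher; a non-zero count means the password is already in a public breach corpus and should not be reused anywhere, breach or no breach.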

That’s pretty much all I have to say on the matter, as I don’t want simply to regurgitate the news or to spread false stories. Let me know if you have any queries or need help securing accounts.

4 comments for “Talk Talk Terror, and their response”

  1. Daly
    24th October 2015 at 11:06 pm

    Just to clarify, they’ve not yet offered the credit monitoring but are looking into providing this – I was one of the lucky many who received an e-mail.

    Even if the data is not directly offering credit card details, it can be used to cross-reference. If someone has managed to obtain your credit card details from another breach, the addition of the leaked DOB is pretty handy and can result in some damage with a credit card, name and address.

    TalkTalk need to do a lot more to make this right, I can change my e-mail address, passwords, even my bank account and credit card (with some amount of effort). I can’t change my date of birth and address, it’s only a matter of time until this is a torrent or hosted fully on Tor…

    Just to add my recent experiences, I’ve been having ‘dodgy’ phone calls stating they’re from TalkTalk for 2 years now and recently had my banking ‘done’. I would be willing to bet that people have had access for some time.

    • 24th October 2015 at 11:14 pm

      Hi Daly,

      Appreciate the clarification – it epitomises what I’m saying about the confusion, ironically.

      I could not agree more, companies need to take a lot more responsibility, and burying their hands in the sand just isn’t going to cut it anymore.

      You make a good point there that most, myself included, have not fully explored. Entirely possible that those who have compromised the site did so a while ago, and have only just been detected.

      Thank you very much for your thoughts and I hope you enjoyed the read, Tom 🙂

  2. Daly
    25th October 2015 at 9:15 am

    Just to update, they are now providing monitoring (as of this morning) from Noddle. Anyone affected should use the code TT231 after following the sign-up process.

    Enjoyed the post!
