UK telecom hit by massive data breach

UK telecom hit by massive data breach
© Thinkstock

The British broadband provider TalkTalk said on Thursday that it has been the victim of a significant cyberattack that exposed the personal data of some of its over 4 million customers.

If confirmed by a Metropolitan Police Cyber Crime Unit investigation, the breach would be one of the largest in U.K. history.


Citing the ongoing investigation, company officials say it’s too soon to know exactly how many of its customers have been affected.

The stolen data includes credit card information, names, addresses and dates of birth.

TalkTalk Chief Executive Dido Harding said on Friday that the company has been contacted by the hackers, who are demanding a ransom for the data.

"We have been contacted by, I don't know whether it is an individual or a group, purporting to be the hacker," Harding told the BBC. Harding indicated that she did not know whether the ransom email was genuine.

A security expert from the cyber defense firm FireEye told Reuters that financial data appearing to belong to TalkTalk customers has appeared for sale on the Dark Web.

Reports have also begun surfacing that TalkTalk customers are receiving phone calls from scammers using the stolen data.

The company has come under fire for lax cybersecurity practices leading up to the breach and a notification process some say is too slow.

The attack occurred on Wednesday, but the company did not alert authorities until Thursday afternoon.

Harding told the BBC “the awful truth is I don’t know” whether all the data was encrypted.

“With the benefit of hindsight, were we doing enough?” Harding said. “Well, you’ve got to say that we weren’t and obviously we will be looking back and reviewing that extremely seriously.”