TalkTalk suffers DDoS, data breach, and ransom demand
On October 22, 2015, UK Telecom group TalkTalk disclosed it had experienced a DDoS attack on its websites. This was probably to draw attention away from the true attack, during which personal and banking details of up to 4 million customers is thought to have been accessed. Former customers may also be affected and it was not known whether the information seized by the hackers was encrypted or not.
The stolen, unencrypted data[1] includes:
• Names and addresses
• Dates of birth
• Email addresses
• Telephone numbers
• TalkTalk account information
• Credit card and bank details
TalkTalk stated they had received a ransom demand from a group claiming to be responsible. The data would be made public unless the ransom is paid.
▻http://www.independent.co.uk/news/uk/crime/talktalk-cyber-attack-company-receives-ransom-demand-from-hackers-a67
A message was posted online to the Pastebin website claiming the attack was the work of a Russian-based team of Islamic extremists.
And while experts have met the unverified claim of responsibility with scepticism, the company has now said it has been contacted directly by alleged hackers.
Brain Krebs claims the ransom amounts to 122.000 EUR in bitcoins
▻https://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin
Some customers complained that they were targeted by criminals before TalkTalk disclosed the cyberattack and that TalkTalk has covered up both the scale and duration of this attack
▻http://www.telegraph.co.uk/news/uknews/law-and-order/11952192/TalkTalk-faces-new-questions-over-cyber-attack.html
On 24 October TalkTalk issued a statement saying that a “materially lower” amount of customers’ financial information was stolen than was first thought, and that the stolen data was not sufficient for money to be taken from bank accounts.
▻http://www.theguardian.com/business/2015/oct/24/talktalk-attack-government-urged-to-do-more-on-cybercrime
[1]
▻http://www.theregister.co.uk/2015/10/25/talktalk_boss_no_legal_obligation_to_encrypt_customer_bank_details
TalkTalk stated the lost data had not been encrypted, but they were not legally required to encrypt it.