The company’s chief executive has admitted that TalkTalk was the victim of a “significant and sustained cyber attack” on its website on Wednesday.
It has now emerged that CEO Dido Harding also received a ransom note from someone claiming to be behind the hack that potentially leaves the sensitive personal data of around four million customers at risk.
A TalkTalk spokeswoman said: “We can confirm we were contacted by someone claiming to be responsible and seeking payment.”
The Mirror reports:
The most recent breach was the third in a spate of cyber attacks affecting them in the last eight months.
In August the company said its mobile sales site was hit by a “sophisticated and co-ordinated cyber attack” in which personal data was breached by criminals.
And in February TalkTalk customers were warned about scammers who managed to steal thousands of account numbers and names from the company’s computers.
Despite the attack happening on Wednesday morning, TalkTalk informed customers on Thursday night.
Mrs Harding added: “I know it feels like a very long time but at Wednesday lunchtime all we knew was that our website was running very slowly, that our email system was running slowly, and that is usually an indication that someone is trying to bombard your systems to get in.
“So we took the decision to bring down our systems right away, we then spent the next 24 hours trying to work out exactly how someone had got in and what data they had accessed.
“We don’t know for certain yet exactly what data has been accessed, what customer information has been stolen, so we have taken the precaution, actually very quickly, to try and let all of our customers know, so that we can help them and they can help secure their own information.”
Scotland Yard’s cyber crime unit said it has launched an investigation alongside the National Crime Agency (NCA) but as yet no arrests have been made.
One theory for the motive behind the attack is Islamic extremism, with one self-proclaimed group putting what it said was personal details of TalkTalk customers on a website.
Adrian Culley, a former detective in the Met’s cyber crime unit, told BBC Radio 4’s Today programme: “They are claiming to be from Soviet Russia and be an Islamic cyber jihadi group.”
However, the accuracy of the information has not been verified and there was also speculation that blackmailers could be behind the attack.
Professor Peter Sommer, from De Montfort University’s cyber security unit, told Today: “It seems to me the suggestion that these are Islamic terrorists who are perpetrating it is unlikely, not impossible.
“One has to look at what is probably the most likely outcome.
“One of them is an extortion attempt; since they have gone public I suspect that’s not going to work.
“The other one is just to get hold of the credit card information, get hold of the personal information.”