It seems with every passing month that there is news of another high profile security breach. Now telecoms company TalkTalk confirms it has been the victim of a hacking scandal affecting thousands of users.
TalkTalk has emailed customers to warn them of the scam in which hackers stole account numbers and names from the company’s database. Believed to have taken place last year, the theft was uncovered following a sudden rise in complaints about scam calls between October and December 2014.
Stolen data used to defraud customers
Worryingly, scammers have been using the information to pose as TalkTalk customer service staff to trick people into handing over bank details or paying for security software and services they don’t need. TalkTalk sent the email out to its entire client base – around four million customers in total – although the data theft is thought to have only affected a small number of these. The company has been unwilling to announce the exact number, but has confirmed it is in the “small thousands”, according to some press sources.
A spokesperson for TalkTalk said: “We have now concluded a thorough investigation working with an external security company, and we have become aware that some limited non-sensitive information may have been illegally accessed in violation of our security procedure.
“We are aware of a small, but nonetheless significant, number of customers who have been directly targeted by these criminals and we have been supporting them directly”.
Legal action now underway
The information stolen includes names, addresses, phone numbers and TalkTalk account numbers, but the telecoms company is confident that no sensitive or payment data went astray. Its internal systems were targeted through a third party who had access to its network. Legal action is now being taken against this unnamed party.
TalkTalk has set up a dedicated helpline for those who have been hit by the scammers and urges these customers to call 0800 083 2710.