TalkTalk subscribers are this morning waking up to news that the company has been the subject of another hack. Following an intrusion at the end of last year, which saw some customer data stolen, the broadband provider announced today that its website was the target of a "significant and sustained cyberattack" that may have captured personal details including names, addresses, account information and credit card/bank data.
The attack was detected on October 21st and the Metropolitan Police Cyber Crime Unit launched an investigation into the hack the following day. TalkTalk has already begun contacting customers and says it has "taken all necessary measures to secure our website." At the time of writing, the website's account sections have been taken offline and the company is asking customers who wish to contact its various departments to use the dedicated customer service phone numbers instead.
All major banks have been put on alert and TalkTalk has logged details of the attack with the Information Commissioner's Office, which serves as the UK's data protection authority. The company admits that not all data was encrypted, meaning that some details could be utilised in future phishing attacks.
UK companies have been increasingly targeted in recent months. In August, independent mobile phone retailer Carphone Warehouse admitted that up to 2.4 million customer accounts and around 90,000 encrypted credit card records had been accessed following a cyber attack.
"TalkTalk constantly updates its systems to make sure they are as secure as possible against the rapidly evolving threat of cyber crime, impacting an increasing number of individuals and organisations," says TalkTalk CEO Dido Harding. "We take any threat to the security of our customers' data extremely seriously and we are taking all the necessary steps to understand what has happened here."
[Image credit: edublogger, Flickr]