Cyber attack on TalkTalk: what should you do?
An investigation by the Metropolitan Police has been launched into a ‘cyber attack’ on communications firm TalkTalk that could see hundreds of thousands of customers’ data stolen by hackers. There are now reports that the firm has received a ransom demand from criminals demanding payment in return for them not releasing the stolen data.
Here’s our Q&A on the incident and what you should do if you are affected”
What exactly happened?
TalkTalk says “a significant and sustained cyber attack” on its website. The firm has not explained exactly what the attack involved or the nature of the people or organisation that are responsible.
However, it has been working with “leading cybercrime specialists” and the Metropolitan Police Cyber Crime Unit to establish exactly what happened and whether individual’s information has been accessed.
When did the incident take place?
The attack took place on Wednesday 21 October.
Who is affected?
While TalkTalk has been careful not to reveal how many customers have been affected by the attack while the investigation is ongoing, it says there is a chance that some of the following data may have been compromised:
• Dates of birth
• Email addresses
• Telephone numbers
• TalkTalk account information
• Credit card details and/or bank details
TalkTalk has something in the region of 2.7 million customers.
What is TalkTalk doing to sort this out?
It is contacting all customers by email and letter immediately to inform them what has happened and has vowed to keep them up to date as it learns more. It has also worked to secure the website in the wake of the attack and contacted the Information Commissioner's Office.
TalkTalk has also contacted the major banks, which will be monitoring for any suspicious activity on TalkTalk customers’ accounts. Moreover, the firm is offering a year’s free credit monitoring for all of its customers and will be contacting customers with the details.
What should I do to protect myself?
If you use your TalkTalk username and password anywhere else, it would make sense to immediately change your details at those other websites.
You should also keep an eye on your bank account(s) over the next few months. If you see anything unusual, contact your bank and Action Fraud as soon as possible on 0300 123 2040 or via www.actionfraud.police.uk.
If you are contacted by anyone asking you for personal data or passwords (such as for your bank account), take extreme caution in checking the true identity of the organisation.
Check your credit report, preferable via the free facility being set-up by TalkTalk or by using Noddle.co.uk – a free credit checking service.
A report containing detailed information on a person’s credit history, a record of an individual’s (or company’s) past borrowing and repaying, including information about late payments and bankruptcy. It also includes all applications a person has made for financial products and whether they were rejected or accepted. Your credit report can be obtained by prospective lenders to determine your creditworthiness.
Used by the holder to buy goods and services, credit cards also have a monthly or annual spending limit, which may be raised or lowered depending on the creditworthiness of the cardholder. But unlike charge cards, borrowers aren’t forced to pay the balance off in full every month and, as long as they make a stated minimum payment, can carry a balance from one month to the next, generating compound interest. As the issuing company is effectively giving you a short-term loan, most credit cards have variable and relatively high interest rates. Allowing the interest to compound for too long may result in dire financial straits.