- The alleged customer information of 19 million TalkTalk customers were discovered online
- However, the authenticity of the violation is questioned
- TalkTalk says it is investigating allegations
The British broadband and television giant TalkTalk investigates a possible violation of data after alleged information on customers was found on sale on a cybercrime forum.
Reports of The register confirmed that this violation would come from a third -party supplier and could assign up to 19 million old and current customers from TalkTalk.
The computer hacker that has published the data using the pseudo “B0ND” says that data contains personally identifiable information (PII). Here is what we know so far.
Another telecommunications target
The data would include personal information such as email addresses, complete names, IP addresses, telephone numbers and PIN codes of subscribers.
“As part of our regular security surveillance, given our constant concern to protect the personal data of our customers, we have been informed of unexpected access and abusive use of one of the systems of our Third party supplier. The register.
“Our response team continues to work with the supplier on this subject and protective containment measures were taken immediately.”
However, the authenticity of the violation has already been questioned, largely due to the size of the set of data, which contains 18.9 million individual data, is much more than the current customers of the business.
Calculations of The register Considers that since its creation in 2003, TalkTalk has never gathered as many customers as the data set for containing them.
“Our surveys are underway, but we can confirm that the number of potential customers mentioned in some online messages is completely inaccurate and very widely overestimated,” added Talktalk.
TalkTalk is unfortunately not unrelated to data violations, because he underwent an “important” cyber attack in 2015, which led to the exposure of up to 150,000 data from his customers based in the United Kingdom, which Valu to the company a fine of £ 400,000 GDPR so as not to have implemented “the most basic cybersecurity measures”, which allowed IT hackers to “easily penetrate its systems”.
It is not the only major telecommunications company to encounter difficulties in recent times, with up to 9 companies raped by Chinese state actors during a “major incident” at the end of 2024.
What to do after a violation
If you think your data may have been compromised during this violation or any other data violation, there are several ways to protect you and mitigate any damage.
If your information has been exposed, you risk attackers to use your data to commit identity theft. It is therefore crucial to closely monitor your bank accounts and solvency reports. Alternatively, consulting our list of the best protections against identity theft can simplify the process for you.
Without protection services against identity theft, if you notice a suspicious activity on your accounts, you will have to call your bank immediately, freeze your credit, modify your passwords and probably submit police reports – which can be a rather exhausting process.
Social engineering attacks, most often in the form of sophisticated by phishing scams, are also a subject of concern. Once the attackers have access to your personal information, they can create scams specifically for you, by pretending to be family members or services that you use regularly.
To protect yourself from it, the key is to be vigilant. Make sure you check the identification information for all emails, SMS or calls you receive, in particular those that are unexpected and require action.
If you are offered an offer too good to be true or if you are faced with an emotional call, be very careful when you check the identity of the sender and do not transmit your information to someone you know not.
Be extremely cautious when click on links in emails, as this can lead to the installation of viruses or malicious software on your device and lead to entry of additional information.
Data violations are unfortunately inevitable for anyone with an online presence. Therefore, to take proactive measures to protect yourself, make sure you have a strong password is a great way to stay safe. It is particularly important to make sure not to repeat the passwords of several sites, because it means that if a password is exposed during a violation, it is limited to this single site, thus protecting the rest of your data .
For safety, an excellent tool is a multifactor authentication application, which offers an additional safety layer for any sensitive information. Yes, they can be a bit complicated when you are looking to get the right code on your phone, but they are much more practical than you fly your bank details.
