Skip to main content

Talk Talk Cyber Attack


The telephone provider Talk Talk has become the victim of a criminal cyber-attack.

While Talk Talk are still assessing what data was accessed during the attack, there are a number of steps you can take if you are a Talk Talk customer.


  • Don't Do Nothing!
    • You can't wait to see if your details have been stolen, you have a responsibility to secure and minimise your exposure to the attack if you are a Talk Talk customer.
  • Change Passwords On Other Sites
    • If you use the same logon credentials (username, email or password) on any other sites or services - change them. One of the things the attackers might attempt to do is to use any details taken from the Talk Talk site on other sites. It's estimated that 78% of internet users use the same password and username on multiple sites.
  • Don't Use A Password More Than Once
    • Use a password tool to generate random and complex passwords that are different on every site you use.
  • Don't Follow Email Links
    • It's a bit surprising that Talk Talk have said they are going to try to contact users who's details have been stolen, by email. Obviously as one of the personally identifiable pieces of information that would have been taken is your email address, it will be incredibly easy for the attackers to fake an email to look like it's from Talk Talk giving you links to identical Talk Talk sites that they own.
  • Change Your Talk Talk Details
    • Once the Talk Talk site is available again, log in and change your user details immediately. Remember to manually type the Talk Talk website into your browser address bar.
  • Monitor Your Accounts
    • As part of their response, Talk Talk have said they will offer 1 year's free credit monitoring. While this will help there are more things you can do (and remember, the attackers will have your data forever) So ALWAYS keep an eye on your bank statements. Check each and every transaction off and query any that you don't recognise. Criminals who get bank details are unlikely to make a single withdrawal of hundreds of pounds from your account as it could trigger the banks automated monitoring systems and be more easily noticeable to you. Instead they are more likely to take small sums of money, maybe only £1 (and likely a random amount each time to further avoid suspicion). If they do that every month from each of the 3 million customers who could have been effected in this attack, that's about £4 million each month until they are stopped.


More details can be found on the BBC website here: http://www.bbc.co.uk/news/uk-34611857
And on the Talk Talk website here: http://help2.talktalk.co.uk/oct22incident

If you have been contacted by someone pretending to be from Talk Talk, you should contact the Police via their Action Fraud line on 0300 1232040 or at http://www.actionfraud.police.uk

If you want more advice on how to better protect yourself online, or have any security related questions, contact us immediately.

tinsleyNET IT Services Consultant
IT Support for small to medium sized businesses, home office workers and home users across the West Midlands and Shropshire.

Comments

Popular posts from this blog

Facebook Security Settings

2-Step Authentication Scam

Google Goes Sans-Serif

Everyone in the UK should have access to fast broadband internet by 2020