Anyway, TalkTalk warned all of its subscribers not to give out financial details in case of being contacted by phone or email. In the meantime, the police continue criminal investigation, including a ransom demand sent to the company after its CEO was contacted directly to hear the money demands in exchange for the data.
At the same time, TalkTalk doesn’t say whether customers would be compensated or allowed to break TalkTalk contracts without being penalized. Security experts wonder how well the company secured its customers’ data, because its CEO admitted she did not even know whether details were encrypted. It should also be noted that this was the company’s 3rd major data breach in the past year. Apparently, when such sensitive information as bank details have been compromised, customers should be warned immediately.
In response, TalkTalk claimed such allegations were unfair, as the company went public with this within 36 hours. In the meantime, some TalkTalk customers have confirmed that their bank accounts and credit cards have already been targeted. Currently, TalkTalk assumes a worst-case scenario and investigating whether details of both past and present customers were stolen, while notifying all customers about that, so that they can protect themselves in advance.
TalkTalk explains that new techniques for attack develop all the time, and despite the fact that TalkTalk constantly updates and reviews its systems, it remains a very attractive target as one of the major British ISPs. The company also explained that Scotland Yard is investigating the case alongside the National Crime Agency, but so far no arrests have been made.
