Third Man Held Over TalkTalk Security Breach

Uploaded on 2015-11-01 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

 

TalkTalk has said the scale of the security breach was "much smaller" than originally suspected and a 20-year-old Staffordshire man has become the third person to be arrested over the TalkTalk cyber attack.

Up to 1.2 million email addresses, names and phone numbers, along with bank details, were accessed by hackers during the security breach last week. The man was arrested in Staffordshire by the Met Police on suspicion of offences under the Computer Misuse Act.

Police have also arrested and bailed a 16-year-old boy from west London and a 15-year-old boy in Northern Ireland. Both were arrested on suspicion of Computer Misuse Act offences, with the 16-year-old bailed until an as yet unconfirmed date and the 15-year-old bailed until November.

Police confirmed that officers have also carried out a search at a residential property in Liverpool in connection with the "significant and sustained" attack on its website on 21 October.

What should you do if you think you're at risk? Report any unusual activity on your accounts to your bank and, if you are in England, Wales or Northern Ireland, to the national fraud and internet crime reporting centre Action Fraud on 0300 123 2040 or www.actionfraud.police.uk. If you are in Scotland, call Police Scotland.

            TalkTalk is advising customers to change their account password as soon as its website is back up and running and any other accounts for which you use the same password.
    
        Beware of scams: TalkTalk will not call or email customers asking for bank details or for you to download software to your computer, or send emails asking for you to provide your password.

TalkTalk's chief executive Dido Harding has said the scale of the attack was "much smaller than we originally suspected" but she said the company still needed to "work hard to earn back your trust".

The phone and broadband provider has said hackers accessed up to 28,000 obscured credit and debit card details, with the middle six digits removed, and 15,000 customer dates of birth.

It said any stolen credit or debit card details were incomplete - and therefore could not be used for financial transactions - but advised customers to remain vigilant against fraud.

The company, which has more than four million UK customers, said it was writing to all affected customers to let them know what information had been accessed.

MPs will launch an inquiry into the attack, with culture minister Ed Vaizey saying the government is not against compulsory encryption for firms holding customer data.

The latest breach is the third in a spate of cyber incidents affecting TalkTalk in the last year. 

The investigation, into the security breach is being carried out by the Metropolitan Police, Northern Ireland's Cyber Crime Centre and the National Crime Agency.
BBC: http://bbc.in/1NkKGYF

 

 

« Cyber Attack Recovery Times Cause Big Concerns
U.S Navy Plans To Deploy A Submarine Drone Squadron By 2020 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

tietoEVRY

tietoEVRY

TietoEVRY creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Kroll

Kroll

Kroll provides clients a way to build, protect and maximize value through our differentiated financial and risk advisory and intelligence.

Sensible Vision

Sensible Vision

SensibleVision helps organizations transparently protect data and prevent costly security breaches by constantly verifying the identities of people who use computers or mobile devices.

Digital Ship

Digital Ship

Digital Ship provides news, information, conferences and events focused on digital ship systems, information technology and security relating to maritime operations.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

Cylus

Cylus

Cylus, a global leader in rail cybersecurity, helps rail and metro companies avoid safety incidents and service disruptions caused by cyber-attacks.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

BeyondTrust

BeyondTrust

BeyondTrust is a leader in Privileged Access Management, offering a seamless approach to preventing data breaches related to stolen credentials, misused privileges, and compromised remote access.

Cira Info Tech

Cira Info Tech

Cira InfoTech’s cyber security and network consulting and managed services deliver unmatched talented resources and capabilities required to design and build an agile and adaptive IT environment.

Crispmind

Crispmind

Crispmind creates innovative solutions to some of today’s most challenging technology problems.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Anetac

Anetac

Developed by seasoned cybersecurity experts, the Anetac Identity and Security Platform protects threat surface exploited via service accounts.