Third Man Held Over TalkTalk Security Breach

 

TalkTalk has said the scale of the security breach was "much smaller" than originally suspected and a 20-year-old Staffordshire man has become the third person to be arrested over the TalkTalk cyber attack.

Up to 1.2 million email addresses, names and phone numbers, along with bank details, were accessed by hackers during the security breach last week. The man was arrested in Staffordshire by the Met Police on suspicion of offences under the Computer Misuse Act.

Police have also arrested and bailed a 16-year-old boy from west London and a 15-year-old boy in Northern Ireland. Both were arrested on suspicion of Computer Misuse Act offences, with the 16-year-old bailed until an as yet unconfirmed date and the 15-year-old bailed until November.

Police confirmed that officers have also carried out a search at a residential property in Liverpool in connection with the "significant and sustained" attack on its website on 21 October.

What should you do if you think you're at risk? Report any unusual activity on your accounts to your bank and, if you are in England, Wales or Northern Ireland, to the national fraud and internet crime reporting centre Action Fraud on 0300 123 2040 or www.actionfraud.police.uk. If you are in Scotland, call Police Scotland.

            TalkTalk is advising customers to change their account password as soon as its website is back up and running and any other accounts for which you use the same password.
    
        Beware of scams: TalkTalk will not call or email customers asking for bank details or for you to download software to your computer, or send emails asking for you to provide your password.

TalkTalk's chief executive Dido Harding has said the scale of the attack was "much smaller than we originally suspected" but she said the company still needed to "work hard to earn back your trust".

The phone and broadband provider has said hackers accessed up to 28,000 obscured credit and debit card details, with the middle six digits removed, and 15,000 customer dates of birth.

It said any stolen credit or debit card details were incomplete - and therefore could not be used for financial transactions - but advised customers to remain vigilant against fraud.

The company, which has more than four million UK customers, said it was writing to all affected customers to let them know what information had been accessed.

MPs will launch an inquiry into the attack, with culture minister Ed Vaizey saying the government is not against compulsory encryption for firms holding customer data.

The latest breach is the third in a spate of cyber incidents affecting TalkTalk in the last year. 

The investigation, into the security breach is being carried out by the Metropolitan Police, Northern Ireland's Cyber Crime Centre and the National Crime Agency.
BBC: http://bbc.in/1NkKGYF

 

 

« Cyber Attack Recovery Times Cause Big Concerns
U.S Navy Plans To Deploy A Submarine Drone Squadron By 2020 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Zimperium

Zimperium

Zimperium offers enterprise class protection for mobile devices against the next generation of advanced mobile attacks.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

inBay Technologies

inBay Technologies

inBay Technologies' idQ Trust as a Service (TaaS) is a unique and innovative SaaS that eliminates the need for user names and passwords.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Maritime Cyber Threats Research Group - University of Plymouth

Maritime Cyber Threats Research Group - University of Plymouth

The Maritime Cyber Threats research group of the University of Plymouth is focused on investigating marine cyber threats and researching solutions.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

Intigriti

Intigriti

Intigriti helps companies protect themselves from cybercrime. Our community of ethical hackers provides continuous, realistic security testing to protect our customer’s assets and brand.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.

Sekoia.io

Sekoia.io

Sekoia.io is a European cybersecurity company whose mission is to develop the best protection capabilities against cyber-attacks.

CYTUR

CYTUR

CYTUR provide trusted and secured maritime cybersecurity solutions to keep ships safe, protecting them, their crews, cargo and all stakeholders from maritime cyber threats.

Cyver Core

Cyver Core

Cyver Core is a pentest management and pentest report automation platform that consolidates cybersecurity work, automates overhead, and frees cybersecurity professionals up for the work that matters.