Third Man Held Over TalkTalk Security Breach

 

TalkTalk has said the scale of the security breach was "much smaller" than originally suspected and a 20-year-old Staffordshire man has become the third person to be arrested over the TalkTalk cyber attack.

Up to 1.2 million email addresses, names and phone numbers, along with bank details, were accessed by hackers during the security breach last week. The man was arrested in Staffordshire by the Met Police on suspicion of offences under the Computer Misuse Act.

Police have also arrested and bailed a 16-year-old boy from west London and a 15-year-old boy in Northern Ireland. Both were arrested on suspicion of Computer Misuse Act offences, with the 16-year-old bailed until an as yet unconfirmed date and the 15-year-old bailed until November.

Police confirmed that officers have also carried out a search at a residential property in Liverpool in connection with the "significant and sustained" attack on its website on 21 October.

What should you do if you think you're at risk? Report any unusual activity on your accounts to your bank and, if you are in England, Wales or Northern Ireland, to the national fraud and internet crime reporting centre Action Fraud on 0300 123 2040 or www.actionfraud.police.uk. If you are in Scotland, call Police Scotland.

            TalkTalk is advising customers to change their account password as soon as its website is back up and running and any other accounts for which you use the same password.
    
        Beware of scams: TalkTalk will not call or email customers asking for bank details or for you to download software to your computer, or send emails asking for you to provide your password.

TalkTalk's chief executive Dido Harding has said the scale of the attack was "much smaller than we originally suspected" but she said the company still needed to "work hard to earn back your trust".

The phone and broadband provider has said hackers accessed up to 28,000 obscured credit and debit card details, with the middle six digits removed, and 15,000 customer dates of birth.

It said any stolen credit or debit card details were incomplete - and therefore could not be used for financial transactions - but advised customers to remain vigilant against fraud.

The company, which has more than four million UK customers, said it was writing to all affected customers to let them know what information had been accessed.

MPs will launch an inquiry into the attack, with culture minister Ed Vaizey saying the government is not against compulsory encryption for firms holding customer data.

The latest breach is the third in a spate of cyber incidents affecting TalkTalk in the last year. 

The investigation, into the security breach is being carried out by the Metropolitan Police, Northern Ireland's Cyber Crime Centre and the National Crime Agency.
BBC: http://bbc.in/1NkKGYF

 

 

« Cyber Attack Recovery Times Cause Big Concerns
U.S Navy Plans To Deploy A Submarine Drone Squadron By 2020 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

TorGuard

TorGuard

TorGuard is a Virtual Private Network services provider offering secure encrypted access to the internet.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Slovak National Accreditation Service (SNAS)

Slovak National Accreditation Service (SNAS)

SNAS is the national accreditation body for Slovakia. The directory of members provides details of organisations offering certification services for ISO 27001.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

SoloKeys

SoloKeys

SoloKeys provides the first open-source FIDO2 security key: Protect your online accounts against unauthorized access by using the most secure login method.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

Airtel Secure

Airtel Secure

Airtel Secure’s multi-layered, full service cybersecurity offerings are designed to safeguard enterprises against threats of various kinds and origins.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

Telesystem

Telesystem

Telesystem empowers businesses across the USA with a range of innovative network, communication and collaboration solutions.

Offensive Security Manager (OSM)

Offensive Security Manager (OSM)

Offensive Security Manager is the ultimate AI software that will enforce offensive security automation, orchestration, coverage, ensure quality, and lets you manage whole process.

SecondSight

SecondSight

SecondSight’s Vertical AI embodies a full-spectrum approach to cyber insurance, facilitating accurate digital risk profiling.