Talk Talk - security - advice

[23 Oct 2015] Most people affected will probably know by now that Talk Talk suffered a sustained cyber attack on their website on Wednesday 21st October. A criminal investigation was launched by the Metropolitan Police Cyber Crime Unit yesterday. The company has begun contacting every customer directly, but in the meantime is working with the media to ensure customers get the information they need as quickly as possible. UKeiG is passing on the information available at this time. The investigation is still ongoing, but unfortunately there is a chance that some of the following data may have been compromised - Names, Addresses, Dates of birth, Email addresses, Telephone numbers, TalkTalk account information, and Credit card details and/or bank details. Talk Talk is contacting all customers by email and letter.

Talk Talk advise their customers "to:

  • Keep an eye on your accounts over the next few months. If you see anything unusual, please contact your bank and Action Fraud as soon as possible. Action Fraud is the UK’s national fraud and internet crime reporting centre, and they can be reached on 0300 123 2040 or via www.actionfraud.police.uk
  • If you are contacted by anyone asking you for personal data or passwords (such as for your bank account), please take all steps to check the true identity of the organisation.
  • Check your credit report with the three main credit agencies: Call Credit, Experian and Equifax.

And - presumably - once you are back online, change your password. Talk Talk also hjighlight the fact that you should be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so or send you e-mails asking for your password.

The full text of their current message to customers can be found at:
https://help2.talktalk.co.uk/oct22incident