Any OcUKers on TalkTalk been robbed yet?
Still haven't been to check mine yet, but my mate who warned me this morning says the £300 he's lost has been taken by an account in Moscow.
I'm assuming you are referring to DDoS attacks against end-users/broadband/fibre customers?
How are these "mitigated" if they (the target) still go offline during the attack?
Unless you mean contained as in it only affects the target and no other customers.
[EDIT] I don't mean to sound as if I'm doubting/going against what you say if that's how it comes across!
Old-fashioned DDOS mitigation such as RTBH (remotely triggered black hole filtering) will do exactly as you say, and simply take the host offline (which isn't really containing anything, it's just protecting the provider network against routing all the botnet traffic down to the egress broadband gateway, and relieving congestion).
But there are other solutions where suspect traffic identified as potential DDOS traffic can be re-directed through a scrubbing farm and "cleaned", which is better for the end host, but more expensive and sometimes not as effective as advertised.
The really cool one is a newer technology known as BGP flowspec, where a controller inside the network can automatically apply policy to only block the exact DDOS source/destination/ports, and leave other traffic intact.
There are good working solutions out there that people have, but it is quite a difficult and ever changing threat.
What's the actual cost, and to what extent does it prevent issues like if someone tries to DDOS you? So, say for a company of TalkTalk's size, then one of Overclockers' size, how much would they be spending on their whole web presence, then how much more would what you're talking about cost?
Ah, I'm assuming general broadband/fibre residential customers are just null-routed then during the attack rather than being routed alternatively for any sort of inspection and filtering.
It's a shame to have to spend at least 10,000x as much as what an attacker can spend, to defend against such an attack.
Yeah they have to say there is a "chance" because their servers/database have been compromised.
The likelihood that the attackers have managed to extract credit card information would be relatively low, and I highly doubt that, if there was in fact credit card information stored, it would be in plain view to see; it will definitely be hashed/encrypted. If the encryption was not a common one like MD5 etc., then the algorithm would need to be found out and cracked anyway.
Not saying there isn't a chance though but I doubt anyone needs to worry about their financial information. The days are mostly gone where webshops keep CC info stored on their databases for reasons such as this, especially a big company such as TalkTalk.
We'll see!
Unfortunately a lot of large orgs have this sort of mentality throughout anything IT related. Some people still like using 10-year-old outdated computers running outdated, unsupported operating systems, because apparently it "all still works", then when something goes wrong they're quick to blame IT.
It appears to have been an SQL injection vulnerability that led the attackers to steal this data. For those who don't know, normally an SQLi vulnerability is where input parameters passed via a web interface to a back-end database are not properly sanitized, and in this case the privilege level of the database account used by the web interface was likely higher than it should have been.
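The two points in the post above (input built into the query text, and a database account with more access than the page needs), shown as an added example that is not part of the original thread. It uses Python's `sqlite3` with constructed table names and rows, and an SQLite authorizer callback as a stand-in for a restricted database account; none of it reflects TalkTalk's actual systems.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE packages (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT);
        INSERT INTO packages VALUES (1, 'basic'), (2, 'fibre');
        INSERT INTO customers VALUES (1, 'alice@example.test');
    """)
    return db

def find_package_unsafe(db, name):
    # Vulnerable: the input is pasted into the SQL text, so it can change the query.
    sql = "SELECT name FROM packages WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def find_package_safe(db, name):
    # Bound parameter: the input is only ever compared as a value.
    sql = "SELECT name FROM packages WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

def restrict_to_packages(db):
    """Stand-in for a low-privilege database account: may read 'packages' only."""
    def authorizer(action, arg1, arg2, db_name, source):
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ and arg1 == "packages":
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY
    db.set_authorizer(authorizer)

def demo():
    crafted = "' UNION SELECT email FROM customers --"  # constructed test input
    db = make_db()
    leaked = find_package_unsafe(db, crafted)  # query rewritten by the input
    bound = find_package_safe(db, crafted)     # no package has that name
    limited = make_db()
    restrict_to_packages(limited)
    try:
        find_package_unsafe(limited, crafted)
        denied = False
    except sqlite3.DatabaseError:
        denied = True                          # read of 'customers' refused
    return leaked, bound, denied, find_package_safe(limited, "fibre")

if __name__ == "__main__":
    print(demo())
```

The restricted connection still serves the legitimate lookup, which is the point of least privilege: the flaw in the query remains, but the account behind it cannot reach the customer table.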
Have there been reports it was a SQL injection?
Really makes me sad that something relatively easy to prevent isn't secured in such a large company. Maybe PCI isn't stringent enough in this day and age.
Anyone know if I can leave for this breach without paying to get out? Only just renewed a few months ago.