TalkTalk Website Hit By Cyber-Attack
- Thread starter LoadsaMoney
- Start date
I think, you should have a account number & you should be able to put that on the credit card site, like there should be a pay to option & it asks you for the account # to pay to... I am no where smart enough to think this through, but you get the idea right?
Last edited:
Soldato
- Joined
- 16 Aug 2009
- Posts
- 8,156
It doesn't surprise me honestly. They've always had a cavalier attitude where their customers are concerned, pile 'em high and sell 'em cheap seems to be their business model. Unfortunately that tends to extend to their customer services and now it seems, their data. I entered my details in their line checker before years ago and got endless phone calls from them trying to get me to sign up and basically had to tell them to get lost. I've avoided them in the past for these reasons.
Funnily enough I entered my number and postcode into their availablity checker the night before and the next day their site was down and my first reaction was "blimey what did I do?!"
They only got what you would find in the phone directory so I figure I'm probably ok.
Funnily enough I entered my number and postcode into their availablity checker the night before and the next day their site was down and my first reaction was "blimey what did I do?!"
They only got what you would find in the phone directory so I figure I'm probably ok.
Last edited:
The main issue was (which now is known not to be the case) if passwords got leaked. Undoubtedly a lot of these passwords would be the exact same ones people use elsewhere. So if you got an email address or name to go along with that, it could have been a problem.
It's not so much the chance that they can possibly take money from the bank with these details, it's the fact they can setup a fake ID using the info they have and ultimately cause misery with no doubt regular purchases all over the net.
Just setup the Noddle credit checker and tried to sign up for their monitoring service, using the free code that TT have issued......."PROVIDED CODE IS NOT VALID".....another top draw effort TT.
EDIT : After a Google search I finally came across the following link which tells you exactly how to use the free monitoring service.
TT main page, where I first got the info from just tells you about it, the step by step is in the link : Noddle
EDIT : After a Google search I finally came across the following link which tells you exactly how to use the free monitoring service.
TT main page, where I first got the info from just tells you about it, the step by step is in the link : Noddle
Last edited:
Only thing pathetic was their network and service. I don't care who you are with - couldn't careless. I still maintain this is a tech forum and as such TalkTalk should be banned along with users who admit to using them.
Only thing pathetic was their network and service. I don't care who you are with - couldn't careless. I still maintain this is a tech forum and as such TalkTalk should be banned along with users who admit to using them.
You don't care who he is with but you care enough that TT users on this forum should be banned, because it is a "tech forum".....
If you went on a car forum and someone bought a Kia, would you have them banned?
Should everyone with a PS4 on here be banned? Games consoles are tech. They got multiple breaches. Following what appears to be your logic, the answer to this will be yes?
You have also yet to enlighten us as to who and which ISP is on your "OK to go with" list. We are all desperate to know this information and how you, yourself, know it as well. Thanks.
Soldato
- Joined
- 11 Apr 2006
- Posts
- 7,197
- Location
- Earth
Had an email at 3:24am stating not as serious as first thought
Dear Mr M
We know it’s been a worrying and frustrating time since Wednesday’s cyber attack on our website. We’re doing everything we can to get to the bottom of what happened as soon as possible and to keep you updated. Our investigations are currently showing the following:
• The number of customers affected and the amount of data potentially stolen is smaller than originally thought. Our website was attacked, but our core systems weren’t and remain secure.
• On its own, none of the data that may have been accessed could be used to leave you financially worse off.
• We don’t store unencrypted credit or debit card data on our site, so any card details which may have been accessed have the 6 middle digits blanked out. For example, it would appear as 012345XXXXXX6789. This means it can’t be used for financial transactions.
• No My Account passwords have been accessed.
• No banking details were taken that you won’t already be sharing with people when you write a cheque or give to someone so they can pay money into your account.
We will continue investigating and promise to keep you updated as we know more. In the meantime, we strongly encourage that you:
• Sign up to your free credit reporting service. We have partnered with Noddle, one of the leading credit reference agencies, to offer 12 months of credit monitoring alerts for all customers. You can find out more at www.talktalk.co.uk/secure.
• Stay vigilant - TalkTalk will NEVER call customers and ask you to provide personal details or passwords. Please take all steps to check the true identity of any organisation that calls requesting personal information. If you have any doubts, please call us on 0800 083 2710 or 0141 230 0707.
We are sorry for the concern this week’s attack has caused, but want to reassure you that we are doing everything possible to keep your information safe.
For more information, please visit: www.talktalk.co.uk/secure.
Yours sincerely,
TAH
Dear Mr M
We know it’s been a worrying and frustrating time since Wednesday’s cyber attack on our website. We’re doing everything we can to get to the bottom of what happened as soon as possible and to keep you updated. Our investigations are currently showing the following:
• The number of customers affected and the amount of data potentially stolen is smaller than originally thought. Our website was attacked, but our core systems weren’t and remain secure.
• On its own, none of the data that may have been accessed could be used to leave you financially worse off.
• We don’t store unencrypted credit or debit card data on our site, so any card details which may have been accessed have the 6 middle digits blanked out. For example, it would appear as 012345XXXXXX6789. This means it can’t be used for financial transactions.
• No My Account passwords have been accessed.
• No banking details were taken that you won’t already be sharing with people when you write a cheque or give to someone so they can pay money into your account.
We will continue investigating and promise to keep you updated as we know more. In the meantime, we strongly encourage that you:
• Sign up to your free credit reporting service. We have partnered with Noddle, one of the leading credit reference agencies, to offer 12 months of credit monitoring alerts for all customers. You can find out more at www.talktalk.co.uk/secure.
• Stay vigilant - TalkTalk will NEVER call customers and ask you to provide personal details or passwords. Please take all steps to check the true identity of any organisation that calls requesting personal information. If you have any doubts, please call us on 0800 083 2710 or 0141 230 0707.
We are sorry for the concern this week’s attack has caused, but want to reassure you that we are doing everything possible to keep your information safe.
For more information, please visit: www.talktalk.co.uk/secure.
Yours sincerely,
TAH
Last edited:
Soldato
- Joined
- 11 Apr 2006
- Posts
- 7,197
- Location
- Earth
Just setup the Noddle credit checker and tried to sign up for their monitoring service, using the free code that TT have issued......."PROVIDED CODE IS NOT VALID".....another top draw effort TT.
EDIT : After a Google search I finally came across the following link which tells you exactly how to use the free monitoring service.
TT main page, where I first got the info from just tells you about it, the step by step is in the link : Noddle
I guarantee you someone has shared that code on HUKD and MSE so everyone in the world has used the code.
I still maintain this is a tech forum and as such TalkTalk should be banned along with users who admit to using them.
Most retarded post ever - Congratulations
Only thing pathetic was their network and service. I don't care who you are with - couldn't careless. I still maintain this is a tech forum and as such TalkTalk should be banned along with users who admit to using them.
LOL.
So people should be banned if they are/were a TalkTalk customer, then who should they be with then? Murdoch's Sky or BT?
Everytime I do a WiFi scan every network I pick up in my street seems to be either of those. Obviously too many people conform to Sky's and BT's marketing.
Everytime I do a WiFi scan every network I pick up in my street seems to be either of those. Obviously too many people conform to Sky's and BT's marketing.
The funny bit is that as a talk talk customer.. I have noted my searching through safari address bar and google being odd.. i.e. as if it was in the US only..
Now nothing installed, and I assume that it's more google/apple at fault as it's using SSL HTTPS meaning encrypted and possibly server verification (depending on the SSL). The funny thing is it all happened about the same period (including the el capitan update).. so I wonder if the attackers have left some easter eggs in their infrastructure..
Stealing data is one thing.. having control over the infrastructure is another.. facilitating DoS easier on a larger scale..
Now nothing installed, and I assume that it's more google/apple at fault as it's using SSL HTTPS meaning encrypted and possibly server verification (depending on the SSL). The funny thing is it all happened about the same period (including the el capitan update).. so I wonder if the attackers have left some easter eggs in their infrastructure..
Stealing data is one thing.. having control over the infrastructure is another.. facilitating DoS easier on a larger scale..
Yeah I had mine about 01.15.....along with my latest bill
Roll on 6th November when my new ISP send round the engineer to install the new superfast BB that has recently been installed in my area. Would have liked to at least been able to see what packages/price TT could offer me for this new service, as I have been with them since the Tiscali days but seeing as their site is still partially down, I have given up and yesterday evening transferred my service away from TT.
TBH, this breach of security has nailed it for me now, as I have been considering it for a while now, as I could have got a similar package to the one I am on until the 6th Nov., for slightly less elsewhere but you know what they say "better the Devil you know" and all that. (although I am aware this security breach could potentially happen to any ISP/firm with inadequate provisions, so moving ISP doesn't make me feel any safer - opposite if anything, as it's yet another place with my details but meh).
In all honesty, TT as a service, has been fantastic for me, with hardly any problems in all the years I have been with them, apart from a slight glitch when I changed over from dial up to BB, many, many, many, years ago
Adios TT.
I think they are the worst ISP in the country. They have some of the worst customer service I've ever experienced, problems never get fixed or it takes weeks on end. The broadband service is also extremely poor and if you cancel your contract they continue to send you bills and demand money for months after! They are 100% incompetent.
They were clearly storing customer data insecurely and in plain text. They should be nailed to the wall for breaching the DPA and made an example of, because so many companies do this and think it will be fine.
They were clearly storing customer data insecurely and in plain text. They should be nailed to the wall for breaching the DPA and made an example of, because so many companies do this and think it will be fine.
Last edited:
Associate
- Joined
- 7 Feb 2009
- Posts
- 2,128
It is the same around here.
Sky and BT have really aggressive marketing which seems to lure the great unwashed in.
Last edited:
Yea and those routers have a big secutiry holes. You can get in and take control of a network quite easily it seems. First thing you should do when installing one is turn OFF the wi-fi.
Don't know, havent had much else from him, but he checked his online banking and said it's gone, so transferred the rest to another account, could be him being a knob though.