TalkTalk has received a ransom demand from a group claiming to be behind a major attack on its customer database.
Chief executive Dido Harding said she could not even confirm whether the data had been encrypted, and that it was likely the personal and banking details of all its four million customers had been compromised.
Asked if the stolen data was encrypted, Harding told the BBC: “The awful truth is, I don’t know.”
“I would love to be able to give you that complete and unequivocal assurance,” she said. “But it would be wrong of me to give you that today, when the amount of data that these criminals have had access to is very large. I don’t want to give a false impression of confidence where I don’t have it.”
Harding also confirmed she had received a ransom demand “looking for money” from a group claiming responsibility for the attack.
“If you’re a cyber-criminal the days of stealing data and then selling it for cash in the dark web – they’re not so profitable as they used to be,” she told the BBC.
The full extent of the attack remains unclear, but it is now likely that it affects all of TalkTalk’s four million customers. The company said the following data had been accessed:
- Customer names and addresses
- Dates of birth
- Telephone numbers
- Email addresses
- TalkTalk account information
- Banking details
The provenance of the attack also remains unknown. Former Scotland Yard detective Adrian Culley told BBC Radio 4’s Today programme that a “Soviet Islamist group based in Russia” may be behind the attacks.
In a post on Pastebin that appears to contain compromised data from the attack, the group wrote that it “cannot be stopped”.
“We Have Made Our Tracks Untraceable Through Onion Routing, Encrypted Chat Messages, Private Key Emails, Hacked Servers. We Will Teach our Children To Use The Web For Allah.. Your Hands Will Be Covered In Blood.. Judgement Day Is Soon.”
Culley stressed his claims about the origin of the attack were “yet to be verified or investigated”. A spokesperson for Scotland Yard said the Metropolitan Police cybercrime unit was investigating.
The attack comes several months after two similar attacks targeted TalkTalk customers. The first, in February, saw some customers tricked into handing over account details by phone scammers. And in August the company’s mobile sales site was hit by a “coordinated cyber attack” in which personal data was breached.