TalkTalk claims 157,000 customers were victims of security breach
Cheapo telco revises down attack figure, shares climb 4%
TalkTalk has once again attempted to downplay the seriousness of the attack on its systems by claiming on Friday morning that only four per cent of its customers – nearly 157,000 people – were affected by the security breach.
The budget ISP said that bank account numbers and sort codes of 15,656 of its subscribers had been swiped in the attack.
It added that 28,000 "obscured credit and debit card numbers" had been nicked, but claimed they "cannot be used for financial transactions, and were 'orphaned', meaning that customers cannot be identified by the stolen data."
Of the total 156,959 customers that TalkTalk claimed had been directly hit in the attack, 113,303 people had "sensitive personal data" stolen but their bank details were not targeted, the telco said.
Throughout TalkTalk's statement, the company reiterated its claim that the "financial information" pilfered during the security breach "cannot on its own lead to financial loss".
However, faith in the firm's ability to handle customer data has hit an all-time low.
As noted by analysts at Megabuyte, shares in TalkTalk are currently trading down 30 per cent since it was revealed that ISP's systems had been violated by attackers.
"TalkTalk now faces serious questions over its security protocols. Indeed, this episode serves as a timely reminder to all corporations that cyber-attacks are becoming more frequent, malicious and successful, underlining the need to have sufficient protocols in place," the analyst house said.
However, shares in TalkTalk have risen more than four per cent on the London Stock Exchange this morning, suggesting the City welcomes the company's claims that fewer customers were affected by the attack than previously suspected.
Nonetheless, TalkTalk stock remains close to the bottom its 52-week range (220.10p – 415.10p), currently trading at 230p per share.
Next Wednesday (11 November), TalkTalk's boss Dido Harding will report the company's half-year results to the City. Those numbers will only apply up to 30 September this year – apparently before the breach occurred – but TalkTalk will undoubtedly have something to say about the costs it expects to have incurred following the attack on its systems. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust