We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Talk Talk Mobile hacked

50Twuncle
50Twuncle Posts: 10,763 Forumite
Part of the Furniture 1,000 Posts Photogenic Name Dropper
TalkTalk mobile site (hosted by Carphone Warehouse) has been hacked - putting at risk many peoples accounts (BANK ACCOUNTS, Name, address and TT account information - they advise that you change your TT account passwords !!
«1

Comments

  • Swipe
    Swipe Posts: 5,388 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    What's your source?
  • 50Twuncle
    50Twuncle Posts: 10,763 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    Swipe wrote: »
    What's your source?

    An email from TT


    I am writing to you as a precaution after we discovered on 5th August that the TalkTalk mobile sales site, mobile.talktalk.co.uk, which is hosted by a division of Carphone Warehouse, was subject to a sophisticated and coordinated cyberattack, along with a number of similar sites. We shut down the site as soon as this was detected, but there is a risk that some of your data may have been accessed – including your name, address, date of birth, bank account details and TalkTalk account information. We take the security of your data extremely seriously, and we have put in place additional security measures to prevent further attacks. But we felt it was important to let you know as soon as possible.

    Steps you should take to protect yourself

    We can’t be certain if your individual data has been accessed, but you should look out for any suspicious online or account activity. If you see anything unusual, please contact your bank and Action Fraud as soon as possible. Action Fraud is the UK’s national fraud and internet crime reporting centre, and they can be reached on 0300 123 2040 or via www.actionfraud.police.uk We specifically recommend that you: • Contact your bank and credit card company, so that they can monitor for unusual activity • Check your credit rating with Experian or Equifax to be sure that no one has taken out loans or credit in your name – both offer free trials that allow you to check your credit history. • Change the password for your TalkTalk account and any other accounts that use the same password Make sure it’s TalkTalk that’s contacting you Many scams assume the identity of a company and ask for personal details. So please remember: • TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so. • TalkTalk will NEVER ask for your bank details to process a refund. If you are ever due a refund from us, we would only be able to process this if your bank details are already registered on our systems. • TalkTalk will NEVER call you and ask you to download software onto your computer, unless you have previously contacted TalkTalk, discussed and agreed a call back for this to take place. • TalkTalk will NEVER send you emails asking you to provide your full password. We will only ever ask for two digits from it to protect your security. We apologise for the worry and inconvenience this may be causing. If you have any concerns please visit https://help2.talktalk.co.uk/aug15incident for more information or you can call us on 0800 083 2710 or 0141 230 0707. Yours sincerely, NEW_TRISTIA_HARRISON_SIGNATURE.jpeg Tristia Harrison
    Managing Director, Consumer TalkTalk Telecom Limited, 11 Evesham Street, London W11 4AR. Registered in England & Wales No. 4633015
  • fermi
    fermi Posts: 40,544 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Rampant Recycler
    Free/impartial debt advice: National Debtline | StepChange Debt Charity | Find your local CAB

    IVA & fee charging DMP companies: Profits from misery, motivated ONLY by greed
  • 50Twuncle
    50Twuncle Posts: 10,763 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    And Virgin too...
    But since Sebastian James says that he is very sorry - I guess that all is going to be OK and if we face any financial loses, it is our own fault for trusting a 3rd party with our card number etc ??
  • 50Twuncle
    50Twuncle Posts: 10,763 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    One important point though


    They claim "TalkTalk will NEVER send you emails asking you to provide your full password. We will only ever ask for two digits from it to protect your security."


    When you try to email them - using the website ONLINE HELP - it DOES require you to enter your account password when you select MOBILE BILLING QUERY !!!
  • d123
    d123 Posts: 8,691 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    It's even worse, Sky are reporting it's an attack on most of the CarphoneWarehouse system, including CPW, OneStopPhoneShop.com, e2save.com and Mobiles.co.uk., iD Mobile, TalkTalk Mobile, and Talk Mobile.
    The details of up to 2.4 million Carphone Warehouse customers may have been accessed after the firm was targeted by hackers.


    A statement from parent firm Dixons Carphone said names, addresses, dates of birth and bank details may be among the information in the security breach.

    It said encrypted credit card data of up to 90,000 customers may also have been accessed in the hack on 5 August.

    The division affected operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk.

    All of the sites were down on Saturday afternoon.

    The attacked division also provides a number of services to iD Mobile, TalkTalk Mobile, Talk Mobile, and to certain customers of Carphone Warehouse, the statement said.
    http://news.sky.com/story/1532547/millions-hit-by-carphone-warehouse-cyber-attack
    ====
  • murmeltier
    murmeltier Posts: 123 Forumite
    Part of the Furniture 100 Posts Combo Breaker
    From their website:
    Notify your bank and credit card company, so they can monitor for unusual activity
    Will the banks actually do anything or would calling them be a waste of time?
    I've had one of these emails (from mobiles.co.uk) and am wondering whether I should really call as I can't see what difference it would make.
  • fermi
    fermi Posts: 40,544 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Rampant Recycler
    As far as the talktak side goes.

    http://help2.talktalk.co.uk/aug15incident


    What has happened?

    The division of Carphone Warehouse that hosts the mobile.talktalk.co.uk website, have told us that the site had been subject to a cyber attack, called a DDoS attack. A number of related sites were also attacked at the same time. Carphone Warehouse took down the site as quickly as they could, and worked to make sure customers’ data was secure.
    However, there is a chance that customers’ data was accessed by the attackers, which is why we are contacting everyone who might be affected. At this stage, we don’t know for certain if any customer data has been accessed.



    How did this happen?

    We are working with Carphone Warehouse to find out exactly what has happened, but we believe this was a sophisticated criminal attack.


    What data was compromised?

    Carphone Warehouse is still investigating the exact circumstances of the attack, and at the moment we cannot say for certain that this data has been accessed. The customer data held by Carphone Warehouse was:
    Personal details

    • Title
    • First Name
    • Last Name
    • Marital Status
    • Date of Birth
    Address details

    • Address
    • Residential status
    • Years/months at address
    • Previous address
    • Previous residential status
    • Years/months at previous address
    • Delivery address
    Contact details

    • Home phone
    • Daytime phone
    • Email
    Bank details

    • Bank account number and sort code
    • Years/months at bank
    Occupational details

    • Occupational status
    • Years/months in current job
    Account details

    • Created date
    • TalkTalk account ID
    • TalkTalk customer ID
    • TalkTalk landline number
    • Accept threshold
    The credit card numbers of customers who have taken out a mobile product in the last two weeks was also present, but this data was encrypted. In some cases, TalkTalk My Account usernames and passwords were also held.


    How many customers are affected?

    We believe that all TalkTalk mobile customers are affected.




    Free/impartial debt advice: National Debtline | StepChange Debt Charity | Find your local CAB

    IVA & fee charging DMP companies: Profits from misery, motivated ONLY by greed
  • EOTD
    EOTD Posts: 13 Forumite
    fermi wrote: »
    As far as the talktak side goes.

    http://help2.talktalk.co.uk/aug15incident

    Looks like a fraudsters goldmine! I'm with e2save/mobiles.co.uk and they have also been named as having been effected in the hack.
  • Helix
    Helix Posts: 2,381 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    Impacts ID Mobile as well the network they only launched a few months ago. The website (https://www.idmobile.co.uk) has been down for a couple of days now, I wouldn't be surprised if this was the source of the breach and it provided access to the other CPW companies data.
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 347.2K Banking & Borrowing
  • 251.6K Reduce Debt & Boost Income
  • 451.8K Spending & Discounts
  • 239.5K Work, Benefits & Business
  • 615.4K Mortgages, Homes & Bills
  • 175.1K Life & Family
  • 252.8K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.