TalkTalk Hack

[Jux]

We've been with Virgin for donkeys years, and were sold by them to TalkTalk earlier this year.

I am relieved in a strange way that the MN hack made me change all my passwords to more sensible ones. I've never even been on the TT site as we don't intend to stay with them, but dh is taking his time thinking about who to move to.

I imagine all my data is in the hands of some criminal now. TT can't even say if the data was encrypted or not.

How bad can it be?

[carlajean]

I've been receiving several phone calls a day for over a week now, from people saying they're from TalkTalk. I feel annoyed that we've only just been told about it, plus I have no idea of what I should be doing. But then, which company would be safe?

[Jux]

I'm sorry you're in this too. I have no idea who is safe; they've just interviewed a guy on Newsnight who's accused of hackery, who said there was no excuse for data not to be encrypted, and that any site is fending off attacks every day.

Pretty shocking that the CEO or whoever she is didn't know whether they encrypted data or not, though.

I've had no calls at all, not on mobile - mine, dh's or dd's - or the landline. Do you know whether it's phone records which have been nicked (in which case we're not affected) or is it ISP data?

[LetGoOrBeDragged]

Talktalk bought out Aol, which is why I am with them. Have changed Aol passwords for my email. Not sure what else to change tbh.

[Mummylin]

I'm not affected by this , but one of my brothers is. He tried all day yesterday to get on and change his passwords as advised and couldn't get on the web site. He up till now he has not managed to do this. As far as I have read it's the same kind of attack that mumsnet had. A D Dos attack. I'm so glad I don't do online banking. Hope everyone has reassurances soon.

[swisscheesetony]

Unless you go off grid your data is not safe.

I used to work fr a well known tax dodging phone company. The live database was kept here because of security issues... Every night a copy of that database was sent to India to run reports on. Full financial and customer info. About as secure as leaving print-outs on a train. Top dogs didn't understand.

[vindscreenviper]

My 86 yo mil was phone-scammed by someone (with all her details) claiming to be from TT 2 weeks ago, fortunately her bank was on the ball so no financial loss, just a massive blow to her confidence and self-esteem as she was convinced she was somehow to blame.
Of course we now know why the scammers had loads of her info, bastards.

[howtorebuild]

I was mocked for years, for refusing to get involved in on line banking. I also have nothing to do with storing money on my mobile either.

[carlajean]

what I don't understand is whether not banking on-line would make any difference? If I felt my accounts were safe, I would come off it in an instant, but surely there is the potential for hackers to get into your accounts, on or off-line, and manipulate them?

[Pipbin]

We've been with Virgin for donkeys years, and were sold by them to TalkTalk earlier this year.

Really? Why did Virgin do that? Surely they can't just transfer your details to a different provider.

[TennesseeMountainPointOfView]

Really? Why did Virgin do that? Surely they can't just transfer your details to a different provider.

They sold the non-cable part of the business, TT bought it, therefore they get the customers, including their data. This would have happened whoever bought it, as Virgin no longer offer non-cable phone and broadband services. Much like when one bank buys out another and gains the clients.

TT have had two data thefts already that they admit to, the first at least looks to have come from their overseas call centre, so for most of their customers nothing has changed, their data was already out there and they were already getting fake TT support calls.

This shouldn't affect online banking, unless you log into your online banking with only a password (does any bank still let you do that?) and it was the same password as you use for TT. What they do have is your bank account number and your TT account number, plus your name, address and email address. It is far more likely that you will be targetted with spam calls fro people claiming to be from TT or your bank, asking for access to your computer (because it's at risk) or to transfer money from your bank account (because it's at risk), and steal from you that way.

If you work on the basis that anyone who calls you and offers to help with something is a fake, you won't go far wrong. TT are widely known to have shit CS, so the chances of them calling their customers are very slim indeed.

[Pipbin]

They sold the non-cable part of the business, TT bought it, therefore they get the customers, including their data.

I had no idea - we are cable so I didn't know that.

[Jux]

Yep, Pipbin, we were very miffed, especially as they've cabled to within a fewmilesof us and I really really want cable! DH badly wants to hang onto his email address as he's had it since 1997/8, as have I, and he still gets people contacting him from 10-20 years ago giving him work, from time to time.

They've announced that the hackers haven't got usable data. I'm not massively convinced.

[AllMyBestFriendsAreMetalheads]

I had a phone call from 'TT customer services' a few months ago ringing about my account. I knew I'd paid my bill, so they couldn't be ringing about that. I assumed they were trying to sell me something so I fobbed them off and said I would ring them back when I had chance. Now it seems this could have been from a previous hack.

I don't generally answer phone calls from numbers I don't recognise though, so I may have missed some more.

This is the third time this has happened though, isn't it? Why is this only major news now?

[TennesseeMountainPointOfView]

This is the third time this has happened though, isn't it? Why is this only major news now?

It definitely made the news before, and was covered more than once on consumer affairs type programmes. It was also covered in various consumer and tech columns in (at least) The Guardian and The Telegraph when people started getting calls from scammers who knew their TT account details.

It's possibly getting more coverage this time because they don't seem to have learned any lessons from the previous two occasions.

[DontHaveAUsername]

Another reason why the government's proposal to mandate insecure (backdoored for police access) encryption is crazy. Yeah, cos I'd just love it once criminals were using the police backdoor to decrypt my customer data..