Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 4 of 4

    UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls

    This is a discussion on UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls within the General Computing and Internet forums, part of the Community channel category; UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls - ISPreview UK Low cost broadband and phone provider ...

    1. #1
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Other ISP
      Router: Non-Sky Router
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,257
      Thanks
      849
      Thanked 2,247 Times in 2,108 Posts

      UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls

      UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls - ISPreview UK
      Low cost broadband and phone provider TalkTalk could be facing a fine from the Information Commissioner’s Office (ICO) after they finally coughed up to a serious customer data breach, which last year caused some of their subscribers to be hit by a spate of Indian-based scam callers.

      Admittedly scam calls themselves are nothing new and at some point most of us will have picked up the phone only to be faced with just such a call, often one that claims to require our personal / financial details or which asks you to perform some sort of task on your computer. Calls like this are cleverly crafted, often exhibiting good knowledge of the business they’re impersonating, and adopt various tricks to encourage you to part with your data.

      The same might have been true of the scammers that last year targeted TalkTalk customers, many of which claimed to be engineers for the ISP, at least that would have been the case were it not for the fact that they appeared to know an awful lot about their intended targets and related user accounts.

      In TalkTalk’s case many of the scam callers said that they wanted to remove a virus/problem from the customer’s computer (the method they propose usually does the opposite) and then proceeded to read out their targets account number, name, phone number and postal address for verification. It’s likely that they could have found the address and name via public sources, but the account number? We note that some customers of BT also received similarly detailed scam calls during early 2014.

      At the time TalkTalk said they would investigate and noted that they had “no concrete evidence of a data breach“. Several months have since passed and this week the ISP suddenly began sending out a notice to warn customers about the dangers of scam callers, although those emails don’t include all of the details that can be found on their website.

      TalkTalk Statement

      We know some customers are currently being targeted by criminal scammers claiming to be from TalkTalk who have obtained their account and phone number. After further investigation, we’ve become aware that some limited information we have about some of our customers could have been accessed in violation of our security procedures.

      We have reported the matter to the Information Commissioner’s Office [ICO] and we’re liaising with them and other official bodies, because unfortunately it is not only our customers who are being targeted by scammers
      .”
      According to TalkTalk, a “detailed investigation” revealed that some customer information, including account numbers (note: no financial or date of birth data was compromised), appears to have been “illegally accessed in violation of our security procedures“. The ISP also claims to be working with an “external specialist security company to take urgent and serious steps to prevent this happening again“. Sadly they wouldn’t share how the breach happened, although if the ICO publishes a report then we may eventually find out.

      TalkTalk now claims to have put “every possible measure” in place to try and stop this from happening again. The ISP has also advised customers to take extra care when anybody rings or emails them claiming to be from TalkTalk. The ISP said they would “NEVER” call customers and use an account number to identify you or prove that the call is genuine. The ISP also said they wouldn’t ask you to provide bank details (without specific prior permission), download software on to your computer or demand your account password.

      The move to inform customers about all this appears to have been cleverly timed to coincide with the Government’s move this week to introduce tougher measures for tackling nuisance calls and thus it very nearly slipped under our radar, since many other businesses and ISPs have also been putting out similar advisories (most are merely educational). TalkTalk also run their own nuisance call reporting service, although ironically the ISP has in the past been the subject of complaints for making its own such calls (here).

      As a rule it’s always wise to ignore any requests for personal or financial details over the phone (unless you’re the one making the call) and, after replacing the handset, always leave the phone for a good 15 minutes+ before calling-out again to a known / legitimate number in case the scammer is still hanging on to the end of your line (BT have separately made some changes to combat this).


    2. Advertisement
    3. #2
      lianne's Avatar
      lianne is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: D-Link DSL-2640S
      Sky TV: Sky Basic
      Join Date
      Feb 2015
      Posts
      2
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls

      I'm a little concerned about the call I got last week. The caller said he was from Talktalk and said there was data breach. he claimed that my information was leaked to the internet and that they monitored suspicious activities in my account. He asked me to provide my credit card number to verify if I made the changes. But instead of giving the info, I hung up. I thought the call was suspicious.

    4. #3
      lianne's Avatar
      lianne is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: D-Link DSL-2640S
      Sky TV: Sky Basic
      Join Date
      Feb 2015
      Posts
      2
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls

      By the way, the caller used this number: ****. I googled it and https://www.callercenter.com/****.html came up along with several complaints against the caller. You guys should check out what the others said about this phone number.
      Last edited by Scubbie; 01-03-15 at 09:27 AM. Reason: Removed telephone number

    5. #4
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Other ISP
      Router: Non-Sky Router
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,257
      Thanks
      849
      Thanked 2,247 Times in 2,108 Posts

      Re: UK ISP TalkTalk Admits Illegal Customer Data Breach Fuelled Scam Calls

      Very strange that you should receive a call from someone claiming that they were from TalkTalk when you are posting from the Philipines.

      PlusNet Fibre since Jan 2021
      Previously Sky Fibre & Sky BB since 2010.

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2020. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION