TalkTalk didn't use basic security that could have protected its 4 million customers' details

TalkTalk has admitted that it didn’t protect customers’ data with encryption, after a massive hack has led to the potential theft of 4 million UK customers’ details. 

Encryption is a method of scrambling data so that it can only be understood by someone with the correct key or password, and is considered standard practice in safeguarding sensitive data.

But in an FAQ posted online after the hack, TalkTalk says that “not all of our data was encrypted.”

Dido Harding, CEO of TalkTalk, told the BBC that she “can’t confirm” that customer data was encrypted.

The fact that TalkTalk didn’t use encryption to protect customers’ details becomes all the more worrying when you remember that this is the third cyberattack the company has announced in the last 12 months. 

As Tom Cheshire, technology correspondent for Sky News, puts it:

“We have seen with the evolving cyberthreat landscape today that you need to enforce these types of security measures today,” Jens Monrad, a systems engineer for cybersecurity company FireEye told Business Insider. “Because the reality is it’s probably not a question of if you’ll be breached, it’s a question of when.”

Someone claiming to be the hacker has posted what appears to be a small dump of TalkTalk customer data online. It’s difficult to verify it conclusively, but BuzzFeed has spoken to one individual included in the dump who has confirmed he was a TalkTalk customer. 

This data dump shows the customer’s name, address, telephone number and redacted (by the hacker) bank account details  — suggesting that, if legitimate, even banking details may not have been encrypted properly. This would be a huge security screw-up, and put all 4 million customers at risk of fraud. 

Even if bank account details were encrypted, that other data wasn’t puts users at increased risk of scams and criminal activity.

The Metropolitan police is now investigating, and Harding says the company is “very sorry” for the hack.

NOW WATCH: This 3-minute animation will change the way you see the universe

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.

Tagged In

sai-us talktalk uk