TalkTalk’s chief executive has apologised to its customers after a “significant and sustained cyber attack” on its website left millions of people potentially at risk of having had their credit card and bank details stolen.
Dido Harding defended the firm for not revealing the security breach until Thursday night, despite it taking place on Wednesday morning.
She admitted the firm does not yet know how many of its four million customers had been affected by what is the third in a spate of cyber attacks affecting TalkTalk customers in the last eight months.
TalkTalk advice to customers:
Keep an eye on bank accounts over the next few months and look out for anything unusual.
If you spot anything unusual, contact your bank and Action Fraud - the UK’s national fraud and internet crime reporting centre on 0300 123 2040 or via ActionFraud
If you are contacted by anyone asking you for personal data or passwords (such as for your bank account) take steps to check the validity of their identity.
Check your credit report with the three main credit agencies: Call Credit, Experian and Equifax.
TalkTalk says it will never call customers and ask them to provide bank details, for example to process a refund. If you are ever due a refund, they would only be able to process this if bank details are already registered on their systems.
TalkTalk will not suggest downloading software onto a customer’s computer, unless previously discussed and agreed for a call back for this to take place.
TalkTalk will not send customers emails asking you to provide full passwords. They would only ever ask for two digits from it to protect your security.
Not the first attack
In August the company revealed its mobile sales site was hit by a “sophisticated and co-ordinated cyber attack” in which personal data was breached by criminals.
And in February TalkTalk customers were warned about scammers who managed to steal thousands of account numbers and names from the company’s computers.
Ms Harding told ITV’s Good Morning Britain the three attacks were “completely unrelated”, adding: “We moved as fast as we possibly can, on Wednesday lunchtime all we knew was that our website was running slowly and that we had the indications of a hacker trying to attack us.
“I can’t even tell you today exactly how many customers have been affected. We have tried to come public as fast as we can once we have got a reasonable idea of what potential data has been lost.
“I really appreciate the frustration and the worry and the concern that this causes customers - I am a customer myself - and I am very sorry for that. We are rushing to try and get that information to our customers as fast as we possibly can.”
She added: “This is a crime, a criminal has attacked TalkTalk systems and we are not the only ones, whether it is the US government, Apple, a whole host of companies. Cyber crime is something we all need to get better at defending ourselves against.”