23rd Oct 2015 18:47
LONDON (Alliance News) - TalkTalk Telecom Group PLC late Thursday confirmed that a criminal investigation has been launched by the Metropolitan Police's Cyber Crime Unit following a "significant and sustained" cyber attack on the company's website on Wednesday.
The company then confirmed that it had received a ransom demand from a person claiming to be responsible for the hack.
The news sent the company's shares lower on Friday, closing the day off 4.4%.
The FTSE 250-listed telecommunications company said the investigation by the Met is ongoing but said that the data compromised in the hack may have included names, addresses, dates of birth, phone numbers and email addresses. More importantly, it said the details at risk also included TalkTalk account information and credit card or bank details of its customers.
TalkTalk has around 4.0 million subscribers, all of which have been informed about the breach as a "precaution".
"TalkTalk constantly updates its systems to make sure they are as secure as possible against the rapidly evolving threat of cyber crime, impacting an increasing number of individuals and organisations," said Dido Harding, TalkTalk's chief executive.
"We take any threat to the security of our customers' data extremely seriously and we are taking all the necessary steps to understand what has happened here. As a precaution, we are contacting all our customers straight away with information, support and advice around yesterday's attack," Harding added.
A spokesperson for TalkTalk then confirmed later in the day that the company had been "contacted by someone claiming to be responsible" for the attack who was "seeking payment" from the company.
Harding, speaking to the BBC, also confirmed that the company had been contacted by a party "purporting to be the hacker" who was "looking for money".
The hack is the third to have emerged in recent months involving UK-listed companies. In August, the UK's data regulator, the Information Commissioner's Office, was reported by the BBC to be "making inquiries" after Carphone Warehouse, the mobile retailer owned by Dixons Carphone PLC, said the personal details of up to 2.4 million customers may have been accessed after a cyber attack.
Carphone Warehouse confirmed at the time that the credit card details of up to 90,000 people may have been accessed in the hack. Dixons Carphone apologised for the breach and said it has implemented additional security measures.
Then, earlier this month, information services and credit reports company Experian PLC saw its shares fall after it confirmed reports that its North American unit had been subject to a breach which had compromised the data of clients of US mobile carrier T-Mobile USA Inc.
That breach included personal information on around 15 million US consumers, including those who applied for T-Mobile post-paid services or device financing from September 1, 2013 to September 16, 2015, based on the investigation Experian had conducted at the point it published the confirmation of the hack earlier this month.
By Sam Unsted; [email protected]; @SamUAtAlliance
Copyright 2015 Alliance News Limited. All Rights Reserved.
Related Shares:
DC..LExperianTALK.L