TalkTalk announced on Thursday that they received a ransom demand following a cyberattack could of compromised customer data that includes, names, addresses, birth dates, email addresses, account information, and credit card or bank details.
TalkTalk claims they, “constantly update its systems to make sure they are as secure as possible against the rapidly evolving threat of cybercrime…” CEO Dido Harding states. Even though they “keep up” with their systems, this cyberattack is the third security breach the company has faced in the past 12 months, but TalkTalk claim the three attacks were unrelated.
“TalkTalk appears to have really fumbled both their security posture, by not encrypting customer data and not segmenting valuable data, and their response to the breach, by not having a policy for such an eventuality and not alerting authorities and customers sooner.” Jon Lindsay says, “There is no excuse for neglecting security anymore and no need for people to unplug if they demand that companies demonstrate a commitment to security,”
This breach stands out because ransomware was apart of the hack.
TalkTalk should of taken more precautions in regarding the network and databases at hand. “TalkTalk should respond in fairly standard manner to the breach,” said Webber. This includes taking the network or databases offline if possible, assessing the damage, working with law enforcement and the legal department. Then determine the access point including an insider attack or social engineering, he explained.