UPDATE: A TalkTalk spokesperson has confirmed the company has received a demand for payment from a party claiming to be behind the cyberattack.
In a statement, the company wrote: “We can confirm we were contacted by someone claiming to be responsible and seeking payment.”
The company has declined to comment further, stating “everything else is a matter for the police”.
Original story continues below…
UK phone and broadband company TalkTalk has been hit by a major cyberattack, potentially compromising user data.
The company has today issued a notice to its customers (of which it has around four million) revealing that “a significant and sustained cyberattack on our website” occurred on Wednesday October 21.
According to the company, there is a chance that names, addresses, dates of birth, email addresses, telephone numbers, TalkTalk account information, and bank details have been accessed by the attackers. Here’s what TalkTalk’s boss had to say:
The company has contacted its customers to warn them of the attack. TalkTalk has also taken the account section of its website offline for the time being, and is encouraging customers to use the various helpline numbers should it require access or information.
TalkTalk has also notified all of the major banks, who will now be on the look-out for any suspicious account activity.
Meanwhile the Metropolitan Police Cyber Crime Unit has launched an investigation into the matter. TalkTalk has also provided advice on what its customers should be on the look-out for following the attack.
Related: Best routers 2015
Some sources are claiming that the attack could be related to Islamic cyber-terrorism. The BBC‘s Rory Cellan-Jones has tweeted evidence that a Russian Islamic extremist group has taken responsibility for the attack.
This represents the second time TalkTalk has been compromised by a cyberattack in 2015. Back in February, the company issued a warning that customer data may have been compromised after its computer systems were breached.
Questions remain over why this latest attack was able to compromise customer data rather than simply bringing services down, and whether TalkTalk had taken proper steps to encrypt said customer data.