Talk Talk

Thread starter #1

ADB

Journeyman Pro
Joined
May 1, 2009
Messages
2,469
Location
Sussex
Anyone else with Talk Talk - i'm fuming!!!

Although the full extent of the cyber attack is unknown, how can this be allowed to happen???
 

Tashyboy

Money List Winner
Joined
Dec 12, 2013
Messages
11,033
The part of me that was royally shafted by car phone warehouse and talk talk fills me with great joy that they have problems on there plate which they gave to me and did not give two hoots about.

However there is a part of me that is gutted that there customers have been exposed to this. Second time this year I believe.

Rubbish company with even worse customer services.

Hope it all works out well for you me man.
 
Joined
Jul 24, 2012
Messages
22,615
Anyone else with Talk Talk - i'm fuming!!!

Although the full extent of the cyber attack is unknown, how can this be allowed to happen???
What's the risk to the individual - have they told you?

I blame the Chinese - after all - aren't they here for a bit of Talk talk ?
 

jdpjamesp

Q-School Graduate
Joined
Oct 6, 2015
Messages
807
Location
Taunton, UK
Talk Talk here as well. The thing that gets me is they've claimed to have informed all their customers. As yet I have only seen what's in the media and what I've gone and found out myself. Fuming too. Will be leaving at the earliest opportunity to be honest.
 

jdpjamesp

Q-School Graduate
Joined
Oct 6, 2015
Messages
807
Location
Taunton, UK
What's the risk to the individual - have they told you?
No communication at all from them here. Useless. To be honest, the biggest risk is 2-fold: they have your account password - change it as soon as they bring the website back online. Secondly they have your credit card/bank details. More of an issue.
 
Joined
Jul 24, 2012
Messages
22,615
No communication at all from them here. Useless. To be honest, the biggest risk is 2-fold: they have your account password - change it as soon as they bring the website back online. Secondly they have your credit card/bank details. More of an issue.
That isn't good - but at least you have CC protection and like your bank - they are usually pretty good at spotting potentially fraudulent purchases or transactions on your account. But still not good.

A bit surprised that this has happened to a company like Talk Talk as they have to be PCI DSS (Payment Card Industry Data Security Standard) compliant - and as someone who has managed an organisation through it's annual PCI DSS compliancy audit I can confirm that it is very stringent. That said if the company seeking compliance is a bit lax or cost-cutting in maintaining it's compliancy between audits holes can occur and doors can open to the hacker.
 
Last edited:

Tongo

Journeyman Pro
Joined
May 20, 2013
Messages
3,019
Location
Southampton
We're with them. Our account is with Mrs Tongo's bank account. Fortunately we dont have joint accounts otherwise i'd be seriously worried rather than just worried.
 

Robster59

Tour Rookie
Joined
Aug 7, 2015
Messages
2,895
Location
Newton Mearns
Also with TalkTalk here. We've received no notification either.
It's a disgrace that a company like this should allow this to happen. There is obviously something seriously wrong with their security system that has allowed this to happen.
The account is held in my Partners name so she'll have to check everything. As it stands, we can't actually even remember our TalkTalk account password anyway but if they can get into TalkTalk, what can they do down the line into peoples computers?
I've put good antivirus and malware protection on my PC and also changed the router password.

But I've been looking to change provider over the last few weeks. This has tipped me over the edge now. I do think that TalkTalk penny pinch where they can. A non-UK call centre is an example. It could be something similar here.

I've also got a Skoda Superb which is going to be recalled because of their scandal.

I'm really worried about what the third thing will be! :confused:
 

Imurg

Grand Slam Winner
Joined
Mar 15, 2008
Messages
27,615
Location
Aylesbury Bucks
When are we, the general public, going to realise that none of the data we give to companies that is kept online is really safe.
Every month, it seems, there's a cyber attack somewhere in which passwords or bank details go "missing"...Joe Public gets reimbursed for any loss but end up paying more as security needs to be beefed up to combat the attacks.
Security should be so tight with this information that hacks fail.
Its not.
 
Joined
Jul 24, 2012
Messages
22,615
Also with TalkTalk here. We've received no notification either.
It's a disgrace that a company like this should allow this to happen. There is obviously something seriously wrong with their security system that has allowed this to happen.
The account is held in my Partners name so she'll have to check everything. As it stands, we can't actually even remember our TalkTalk account password anyway but if they can get into TalkTalk, what can they do down the line into peoples computers?
I've put good antivirus and malware protection on my PC and also changed the router password.

But I've been looking to change provider over the last few weeks. This has tipped me over the edge now. I do think that TalkTalk penny pinch where they can. A non-UK call centre is an example. It could be something similar here.

I've also got a Skoda Superb which is going to be recalled because of their scandal.

I'm really worried about what the third thing will be! :confused:
Companies can easily become complacent if year-on-year their annual PCI DSS compliancy audit does not identify any risks. The problem then is that procedures and resources required to maintain compliancy between audits are not followed or provided. That's why the risks open up - complacency, lax following of procedures, and penny-pinching (it takes a lot of time and effort to maintain compliancy)
 

Dan2501

Tour Winner
Joined
Aug 1, 2014
Messages
5,591
Location
Manchester
When are we, the general public, going to realise that none of the data we give to companies that is kept online is really safe.
Every month, it seems, there's a cyber attack somewhere in which passwords or bank details go "missing"...Joe Public gets reimbursed for any loss but end up paying more as security needs to be beefed up to combat the attacks.
Security should be so tight with this information that hacks fail.
Its not.
This is a LOT easier said than done. This was a very complex hack which used a DDOS to mask a complex SQL Injection attack. The same method used to hack Sony, and other huge companies not that long ago. Cyber Terrorism is a massive issue that just isn't as easy to fix as "beefing up" security.
 

Paul77

Challenge Tour Pro
Joined
Apr 14, 2015
Messages
741
People will find a way of getting what they want. I used to be with Talk Talk and to be honest I'd have hacked them too if I could manage it because they are a hopeless company and need to be taught how to do business. I actually bought my contract out in rage and out of pocket because of their utter incompetence to provide a service on any level.

Like Dan says, it's not difficult to do once you find the flaw. It's just that the folk who are in charge don't see there being a flaw and never get tested on it. The Sony one was a belter right enough.
 

Foxholer

Major Champion
Joined
Nov 16, 2011
Messages
20,063
Location
Wasting away again in Margaritaville
When are we, the general public, going to realise that none of the data we give to companies that is kept online is really safe.
Every month, it seems, there's a cyber attack somewhere in which passwords or bank details go "missing"...Joe Public gets reimbursed for any loss but end up paying more as security needs to be beefed up to combat the attacks.
Security should be so tight with this information that hacks fail.
Its not.
Apart from the fairly obvious inability to guarantee total security, this is my view too. Even encryption of sensitive details is not foolproof!

Btw. I read somewhere - quite a while ago now - that many hacks are (at least assisted) by unhappy ex-employees. Quite possibly not the case now, or indeed this case, but definitely something companies need to be aware of!
 

Rooter

Money List Winner
Joined
Jan 30, 2012
Messages
9,577
Location
Newbury
Nothing is safe, the hackers are always ahead of the game, I saw a machine built last week online that can hack 500,000 windows system passwords in 2 hours.
 

Imurg

Grand Slam Winner
Joined
Mar 15, 2008
Messages
27,615
Location
Aylesbury Bucks
This is a LOT easier said than done. This was a very complex hack which used a DDOS to mask a complex SQL Injection attack. The same method used to hack Sony, and other huge companies not that long ago. Cyber Terrorism is a massive issue that just isn't as easy to fix as "beefing up" security.
In which case they shouldn't be allowed to hold sensitive data.
If they can't absolutely guarantee security of information they shouldn't be allowed to hold it.
 

garyinderry

Ryder Cup Winner
Joined
Jan 7, 2012
Messages
12,079
I've had an email from them.

Personally I find them fine to deal with. My only grip is they ring me constantly to try and upgrade my package. I've been fooled by those promises before ;)
 

HomerJSimpson

Hall of Famer
Joined
Aug 6, 2007
Messages
65,322
Location
Bracknell - Berkshire
Apparently this isn't their first or even second attack. They admitted their defences weren't robust. There's going to be serious repercussions especially once bank accounts etc get hacked. With hackers getting more sophisticated this issue will only get worse and I'm not convinced anywhere is truly safe anyome
 

Stuey01

Journeyman Pro
Joined
Sep 19, 2012
Messages
2,162
Location
Bristol
In which case they shouldn't be allowed to hold sensitive data.
If they can't absolutely guarantee security of information they shouldn't be allowed to hold it.
No-one can absolutely guarantee the safety of data. It's an arms race between the hackers and the security people.
 
Top