UK broadband provider TalkTalk has admitted to have faced a data breach which left data of thousands of its customers vulnerable to fraud.
The company said the data breach comprised on users’ personal data — including names, addresses, phone numbers as well as TalkTalk account numbers. Furthermore, attackers used the stolen information to secure additional customer details like bank account and credit card numbers.
TalkTalk claims that an outsider contractor which had legal access to its client records was connected to last’s year data breach. The company has already initiated a legal action against the supplier.
The company became aware of the breaching attack after a number of customers took to the company’s online forum to complain that they have received fraud calls purporting to be from TalkTalk. The UK broadband provider claimed it had notified all customers via email when the issue of a breach was initially raised.
TalkTalk has confirmed that only a small number of its 4 million customers had their account names and numbers compromised.
“We are aware of a small, but nonetheless significant, number of customers who have been directly targeted by these criminals and we have been supporting them directly,” the company said in a statement.
“We want to reassure customers that no sensitive information like bank account details has been illegally accessed, and TalkTalk Business customers are not affected.”
The company said it has made the Information Commissioner’s Office, which is responsible for enforcing the Data Protection Act, aware of the breach, and is also contacting customers and offering them free advice on dealing with the scammers.
Affected customers are being encouraged to make calls to a dedicated helpline number- 0800 083 2710 to avail assistance. TalkTalk has also posted advice on its help page.
