More details have emerged about the TalkTalk cyber attack. The firm said that hackers gained access to around 157,000 of its customers’ personal details – about 4% of customers.
The phone and broadband provider said that over 15,600 bank account numbers and sort codes were obtained.
According to TalkTalk, its ongoing forensic analysis of the site confirms that “the scale of the attack was much more limited than initially suspected.”
The company continues to advise customers to be careful and take the necessary precautions to protect themselves from scam phone calls and emails.
TalkTalk said in an update on its website that the card details stolen is not sufficient enough to actually take money out: “As we have previously confirmed, the credit and debit card details cannot be used for financial transactions. The bank account details that were accessed are, on their own, not enough to take money from your account and are the same as would be found on a cheque. We have also contacted major banks to inform them of the affected bank accounts.”
A criminal investigation was launched by the Metropolitan Police Cyber Crime Unit after the significant and sustained cyber attack on TalkTalk’s website. Police have arrested four people in connection with the hack; a 15 year-old boy in Northern Ireland, a 16-year-old boy from west London, a 20-year-old man in Staffordshire, and a boy of 16 in Norwich. All four have been released on bail.
The attack has seriously affected the reputation of TalkTalk and its shares dropped to almost a third of their value after news of the breach went public.
The firm now has the task of reassuring its customers that security is robust enough to prevent a future data breach.
Shares in the company rose this morning after the update revealed that the breach didn’t affect as many people as previously expected.