TalkTalk cyber attack: Firm receives 'ransom demand'
TalkTalk has received a ransom demand from someone claiming to be behind a cyber attack which may have resulted in sensitive data belonging to millions of its customers being stolen, the company said.
The telecoms giant is investigating whether credit card and bank details were taken in Wednesday's attack, the third time this year it has been the victim of a cyber crime.
It has confirmed this probe includes personal details of past as well as present customers.
A TalkTalk spokeswoman said: "We can confirm we were contacted by someone claiming to be responsible and seeking payment."
The spokeswoman declined to elaborate in the demand, saying "everything else is matter for the police."
TalkTalk's chief executive Dido Harding told the BBC: "Yes, we have been contacted by - I don't know whether it's an individual or a group purporting to be the hacker.
"I personally received a contact from someone purporting - as I say, I don't know whether they are or are not - to be the hacker, looking for money."
Mrs Harding previously said the company had assumed a worst case scenario that all the personal data relating to its four million customers was compromised until they could confirm exactly what was taken.
Mrs Harding told the Press Association: "We have taken the precaution to assume the worst case, which is that all of our customers' personal financial information has been accessed.
"We think that is the most prudent and sensible way to be, to tell all of our customers that now, so that they can protect themselves rather than wait to do the analysis and give a more precise number and cause more concern to people over the long term."
A TalkTalk spokeswoman told PA that its investigation into what had been stolen includes a database of past customers, saying: "We are running the data, we just don't know at the moment."
The most recent breach was the third in a spate of cyber attacks affecting them in the last eight months.
In August the company said its mobile sales site was hit by a "sophisticated and co-ordinated cyber attack" in which personal data was breached by criminals.
In February TalkTalk customers were warned about scammers who managed to steal thousands of account numbers and names from the company's computers.
Mrs Harding told the BBC "the awful truth is I don't know" whether all the data was encrypted, adding: "With the benefit of hindsight, were we doing enough? Well, you've got to say that we weren't and obviously we will be looking back and reviewing that extremely seriously."
Scotland Yard's cyber crime unit said it has launched an investigation alongside the National Crime Agency (NCA) but no arrests have been made.
The Information Commissioner's Office (ICO) said it has been informed of the cyber attack on Thursday, with a spokesman saying: "We will be making enquiries and liaising with the police."
One theory for the motive behind the attack had been Islamic extremism, with one self-proclaimed Jihadi group putting what it said was personal details of TalkTalk customers on a website.
However, the accuracy of the information has not been verified and there was also speculation that blackmailers could be behind the attack.
Professor Peter Sommer, from De Montfort University's cyber security unit, told the BBC's Today programme: "It seems to me the suggestion that these are Islamic terrorists who are perpetrating it is unlikely, not impossible.
"One has to look at what is probably the most likely outcome. One of them is an extortion attempt; since they have gone public I suspect that's not going to work. The other one is just to get hold of the credit card information, get hold of the personal information."
Professor Mark Skilton, an IT consultant and academic at Warwick Business School, said: "Large-scale data theft is increasingly big business for professional cyber criminals.
"The value of personal identity data records and account details is increasingly high as it can be used in masquerading identity to commit theft of other data; or give direct access to personal bank account money and fraudulent transactions."
TalkTalk's share price plunged 11% on Friday morning, but recovered as the day progressed to close at 4.4% below its opening price.
TalkTalk said it is working with credit reporting service Noddle to offer 12 months of credit monitoring alerts for free.
A TalkTalk spokesman said: "W e are also working hard to get our services back up securely so they are available for customers to use safely and securely as soon as possible.
"We are extremely sorry for any concern and inconvenience this incident may have caused."