UK telecom company TalkTalk has been breached by hackers, and some 4 million customers may be exposed to data theft, according to the company's own site.
It appears the company website was hacked and that the attackers reached servers storing sensitive customer information: names and addresses, email addresses, telephone numbers and, most seriously, credit card and bank details.
“Today (Thursday 22nd October), a criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyberattack on our website yesterday,” TalkTalk said on its help page.
The company also said its systems were “as secure as they could be,” yet the attackers got through regardless.
What could have happened?
Everybody is asking the same question. While the investigation is underway, the media is speculating. In case you didn't know, here are several techniques attackers commonly use to take a website down or to reach the database servers behind it:
Cross-site scripting (XSS) – exploits a flaw in a web application to inject malicious script into pages the site serves, so that the script runs in other visitors' browsers. XSS is among the most common web application vulnerabilities. On its own it does not hand the attacker the database, but it can steal session cookies or credentials and so provides a foothold for escalating to more serious attacks.
SQL injection – involves supplying SQL syntax through web forms (log-in fields, search boxes) or URL parameters so that the database behind the site, system or application executes it, letting the attacker read and manipulate that database. When you enter text in the username and password fields of a log-in screen, the data is typically inserted into an SQL command that checks it against the relevant table in the database. If it matches, you're granted access; if not, you're knocked back. If the application pastes your input straight into that command instead of passing it as a separate parameter, carefully crafted input can change what the command does.
Denial-of-service attacks – overload or flood a site with requests to disrupt its operations and render it unavailable. A DoS attack takes the site offline but does not by itself mean the attackers gained access to data servers; it is sometimes used as a smokescreen to keep defenders busy while a separate intrusion takes place.
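To make the log-in check described in the SQL injection paragraph above concrete, here is an added example that is not from the article and has nothing to do with TalkTalk's actual systems: a Python/sqlite3 login check and a user-search feature written the vulnerable way (input pasted into the SQL text) beside parameterised versions, run against a constructed in-memory database. The table names, users, passwords, card numbers and attacker inputs are all assumptions invented for the demonstration.

```python
import sqlite3

# Constructed sample database for the demonstration: two users and a table of
# fake card details of the kind the article says the attackers reached.
# Passwords are stored in clear here only to keep the lookup simple; a real
# system stores a salted hash and does not store full card numbers at all.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("CREATE TABLE cards (username TEXT, card_number TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "correct horse battery staple"),
                      ("bob", "hunter2")])
    conn.executemany("INSERT INTO cards VALUES (?, ?)",
                     [("alice", "4111111111111111"),
                      ("bob", "5555555555554444")])
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The log-in check as the article describes it, with the user's input
    pasted straight into the SQL text. Quotes in the input become SQL."""
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0


def login_safe(conn, username, password):
    """Same check with a parameterised query: the values travel separately
    from the statement text, so they are only ever compared, never parsed."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


def search_vulnerable(conn, term):
    """A user-search feature with the same flaw. A UNION payload turns the
    query into one that also reads a completely different table."""
    sql = "SELECT username FROM users WHERE username LIKE '%" + term + "%'"
    return [row[0] for row in conn.execute(sql).fetchall()]


def search_safe(conn, term):
    """Parameterised search: the whole input is just a LIKE pattern value."""
    sql = "SELECT username FROM users WHERE username LIKE ?"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",)).fetchall()]


# Constructed attacker inputs (assumed payloads, not taken from any real case).
TAUTOLOGY = "' OR '1'='1"    # makes the WHERE clause true for every row
COMMENT_OUT = "alice' --"    # '--' comments out the password comparison
UNION_DUMP = "x' UNION SELECT card_number FROM cards --"


if __name__ == "__main__":
    db = make_db()
    print("tautology, vulnerable:  ", login_vulnerable(db, "nobody", TAUTOLOGY))
    print("tautology, safe:        ", login_safe(db, "nobody", TAUTOLOGY))
    print("comment-out, vulnerable:", login_vulnerable(db, COMMENT_OUT, ""))
    print("comment-out, safe:      ", login_safe(db, COMMENT_OUT, ""))
    print("union dump, vulnerable: ", search_vulnerable(db, UNION_DUMP))
    print("union dump, safe:       ", search_safe(db, UNION_DUMP))
```

Against the vulnerable functions the tautology and comment-out payloads log in without a valid password, and the UNION payload makes the search return the contents of the cards table instead of usernames; the parameterised versions treat the same inputs as plain strings and return nothing. The lesson is not to filter quotes but to stop building SQL from strings: every user-supplied value goes through a placeholder.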
More worrying is that TalkTalk did not fully encrypt the sensitive data it held.
“Not all of the data was encrypted. We constantly review and update our systems to make sure they are as secure as possible,” they said.
This is the third cyber-attack to affect TalkTalk over the past 12 months.
TalkTalk customers are not left with many options. All they can do is change their account passwords (and the password on any other account where they reused it) and closely monitor their bank and card statements for fraudulent transactions. Hackers will most likely try to take advantage of the breach by sending related phishing emails or by telephoning customers and asking for passwords or banking details, so any such unsolicited contact should be treated as suspect.
If you’re a worried site owner, here are seven key tips to keep your platform safe:
- Keep software up to date, including the web server, CMS, frameworks and plugins.
- Use strong, unique passwords for server and website admin accounts, and enable two-factor authentication where available.
- Use a TLS certificate (HTTPS) to encrypt personal information in transit between the visitor's browser and the web server, and encrypt the connection between the web server and the database as well.
- Implement firewalls on all endpoints, including servers and desktops, and expose the database only to the web tier, never to the internet.
- Use a VPN when administering systems remotely rather than exposing admin interfaces directly to the internet.
- Do not use public computers to access sensitive information or admin panels.
- Encrypt highly sensitive emails.