TalkTalk Says Cyber Attack Targeted Website, Not Core SystemsSteve Geimann
Cyber attack probably accessed less data than initially feared
Website doesn't store full details of customer credit cards
TalkTalk Telecom Group Plc said the cyber-attack on its website this week probably gleaned less financial information than initially thought, and not enough to allow access to customers’ bank accounts.
The attack was on TalkTalk’s website and not its core systems, the London-based company said Saturday in an e-mailed statement.
“We now expect the amount of financial information that may have been accessed to be materially lower than initially believed,” TalkTalk said.
The company is the most recent victim of an attack by hackers attempting to steal information. T-Mobile US Inc., Dixons Carphone Plc and Sony Corp. have sustained attacks in the past year. Adultery website AshleyMadison.com was hit in July and the perpetrators ended up releasing information they said included details of more than 36 million users including full names, e-mails and banking information.
A person claiming to be responsible for the TalkTalk hack contacted the company seeking payment, a spokeswoman said on Friday, declining to say how much the person asked for. The stock fell the most in more than two years in London after the company said it had been the victim of a “significant and sustained” hack on Wednesday.
TalkTalk, which provides phone and Internet service to about 4 million customers, said it doesn’t store complete credit card details on its website. Any card details would have concealed some numbers “and therefore are not usable for financial transactions,” it said.
Account passwords weren’t accessed, the company said.