TalkTalk Data Breach Sees Customers Targeted After Engineering Visits

TalkTalk’s reputation for customer security could be damaged even further following claims that criminals have obtained information about engineering visits in an attempt to commit fraud.

Customers told BBC Radio 4’s Moneybox programme they had received calls purporting to be from TalkTalk days after receiving a visit from an engineer, late last year.

In each case, the engineer had said to expect a follow-up call from either TalkTalk or Openreach, but the recipients were still suspicious. However the callers were able to provide the name of engineers, account numbers and even the reference number for the visit, creating the impression that the call was genuine.

TalkTalk data breach

The customers, who were told TalkTalk needed to conduct tests or fix a fault remotely, were then requested to download software that would give the criminals remote access to the computers. The attackers then attempted to change passwords or steal money.

In one case, the customer was able to shut down his PC in time, but another had £300 stolen from her PayPal account, although this was refunded by her bank.

One complained to TalkTalk CEO Dido Harding, but her office said they had no record of the call and dismissed a possible explanation of tampered records. However it later acknowledged the issue and reported it to the Information Commissioner’s Office (ICO).

The company is adamant that it has not received any new complaints since the turn of the year, but another person told the BBC they had received a scam call only this week.

TalkTalk is unable to comment on whether the breach is related to the arrest of three people working for Wipro, one of its outsourcing suppliers in India, as this case is ongoing.

However this is the latest in a series of breaches at TalkTalk, the most serious of which occurred in October.

The scale of the assault was less than originally feared, but 1.2 million email addresses, names and phone numbers were stolen, as were 21,000 account numbers and sort codes and 28,000 partial card details. However, TalkTalk maintains that the data stolen is not sufficient for the attackers to steal money.

In its most recent set of results, TalkTalk said the cyberattack had cost it £60 million in lost revenue and confirmed 101,000 customers had left.

What do you know about fibre broadband?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

View Comments

  • Of course people leave. This is not the first time their data has been stolen. Since several months ago, I found many reports filed at sites like http://whycall.me about these Dell scams, which caused by the leak of data that TalkTalk has suffered. After we know about these all, who will still be its customer? They have failed to protect customers' data.

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

20 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

21 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

22 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

23 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

1 day ago