Information Commisioner’s Office starts probe into third attack on phone company in eight months

Hacking/cyber attack

Mobile phone company TalkTalk said it received a ransom demand from someone claiming to be behind a cyber attack that cleaned out account details of up to four million customers.

The company is investigating whether credit card and bank details were taken in Wednesday’s attack, the third time this year it has been the victim of a cyber crime.

It is not yet clear whether TalkTalk has coverage for this kind of event or whether any policy has been triggered.

The Information Commissioner’s Office has started an investigation into the breach, and whether the company informed the watchdog promptly enough. The attack started on Wednesday morning, but customers weren’t informed until late on Thursday.

Information Commissioner Christopher Graham told BBC Radio, “I wish we had heard a little bit earlier and we could have been more ‘out there’ giving advice to consumers about what they need to protect their personal information.”

Graham said the ICO is already investigating TalkTalk over two previous data breaches.

TalkTalk’s chief executive Dido Harding told the BBC: “I personally received a contact from someone purporting - as I say, I don’t know whether they are or are not - to be the hacker, looking for money.”

This is the third breach the company has suffered in the past eight months.

Despite the attack happening on Wednesday morning, TalkTalk informed customers on Thursday night.

Scotland Yard’s cyber crime unit has launched an investigation alongside the National Crime Agency (NCA) but as yet no arrests have been made.

The Insurance Times Cyber Insight 2015 conference is uniquely focused on giving brokers and insurers the know-how they need to better protect their clients and develop their business. Find out more here

Cyber insight online