Two weeks ago, telecom provider Talk Talk was hacked in an attack that left sensitive information of thousands of users in wrong hands including credit card details. TalkTalk revealed last week that hackers had gained access to the personal and financial details of thousands of its customers which puts a question mark on the integrity of the security systems of TalkTalk.
Cyber security experts and officials with close knowledge of the hack have said that TalkTalk failed to implement basic measures to make sure it was well protected from a determined hacker, even as news has emerged that the breach affected far fewer of the company’s customers than had originally been feared.
Dido Harding, CEO of TalkTalk, said that her team had worked “round the clock for eight days” to assess the extent of damage done by the attack. Ms.Harding said that she had the support of the board and investors, who had encouraged her “to do right” about the cyber attack. “Investors have been extremely supportive of the business and me,” she said. She rejected suggestions that TalkTalk’s cyber security was in any case, worse than other companies, saying that “if anything, it has dramatically improved in the last year”. She also stated: “What we have done, unlike others, is been open and honest.
TalkTalk said in a statement it believed fewer than 21,000 bank account numbers and sort codes had been taken during the attack, although it warned that up to 1.2m customer email addresses, names and phone numbers had been exposed, which could lead to extensive scamming attempts.Up to 28,000 obscured credit and debit card details and 15,000 customer dates of birth were also at risk of being used by criminals, it added. Original estimates last week had suggested all 4m of the company’s customers could have been affected.
So far 4 people have been arrested in connection with the attack including a 16 year old juvenile which was later released on bail. The Metropolitan Cyber Crime Unity is still performing investigation on the attack and who is behind it along with their possible motives although there have been calls for ransom to the phone and broadband provider.
Now discussing the local scenario, things in Pakistan are also not very bright, most corporate entities lack secure systems and quite often websites are hacked and there’s always the possibility of a breach of sensitive data, to ensure your accounts and personaly information is safe online, try to follow the tips given below:
1) Always keep a strong password for any online account, be it email or social media or anything else. A recommended strong password should contain upper and lower case letters, numbers and symbols to make it hardest to crack.
2) Never share credit card info or passwords in emails or instant messengers.
3) Do not click any malicious looking links or open emails that seem to have come from illicit addresses. These usually contain malware or spyware. These emails are made to look legit but there are giveaway signs of them being phishing/scam ones.
4) Try to change your passwords once in a while and on an ASAP basis whenever a certain service is under an attack, never keep same password for multiple accounts that may be linked to each other.
5) Use debit/credit cards for online transactions only on trusted websites.
6) Use a good anti-virus solution to stay safe from malware/spyware attacks.
7) Enable 2-step authentication process where available.
By following the above mentioned tips you can safeguard your accounts/sensitive information online. What’s your opinion on online identity theft and data loss? Let us know in the comments below.