"Hackers demand ransom from TalkTalk, British telecom firm" by Mark Scott New York Times October 23, 2015
The chief executive of TalkTalk, a British telecommunications provider, said Friday that she had received a ransom demand from hackers who had claimed responsibility for stealing data on some of the company’s 4 million customers.
Did they leave a mark behind?
TalkTalk, which offers cable and fixed-line services in Britain, said local authorities had opened a criminal investigation into the widespread data breach. The hackers may have gained access to personal data on the company’s customers, including sensitive information like credit card details, dates of birth, and addresses.
“Yes, we have been contacted, but I don’t know whether it’s an individual or a group purporting to be the hacker,” Dido Harding, TalkTalk’s chief executive, told the BBC.
Harding did not provide further details on who the hackers could be.
With all the data collection and surveillance, they should be pretty easy to track down.
Blair Bishop, a TalkTalk spokeswoman, confirmed that the company had been contacted by someone claiming responsibility and seeking payment.
In a statement, the broadband provider said it did not know how much of its users’ data had been compromised, and that the British police were leading the investigation. TalkTalk said it had become aware of the breach late Wednesday.
“We have also begun contacting all customers directly with full details,” the company said in a statement.
Despite the claims of responsibility, it remained unclear whether the group that had contacted TalkTalk was behind the breach or whether the ransom demands were credible.
Yet TalkTalk’s data breach — the third successful attack on the company in the past 12 months — is the latest in a number of online hackings that have affected a wide range of companies, including Target, Home Depot, and JPMorgan Chase.
Who were they hacked by again and from where?
It also potentially represents a high-profile example of hackers’ efforts to ransom stolen online data to companies or individuals.
Do you know how hard it is to make a clean drop?
I mean, they can't have them wire the money.
Such tactics, commonly known as ransomware, have often involved hackers encrypting people’s computer data and holding it hostage until a fee is paid. In certain instances, hackers have also stolen data directly from companies and demanded payment for not publishing the material.
Despite TalkTalk’s rapid response to the data breach, some users and security experts criticized the company for going public about the hacking before knowing all the details.
The telecom provider’s efforts, however, come before planned changes in Europe that would force any company that has been affected by a data breach to inform privacy regulators within three days of the hacking or potentially face fines.