cancel
Showing results for 
Search instead for 
Did you mean: 

Talk Talk Stolen Data

Cleoriff
Level 94: Supreme
  • 122356 Posts
  • 824 Topics
  • 7457 Solutions
Registered:

Talk Talk have admitted that some customers accounts have been 'hacked'.

The information stolen included names, addresses, phone numbers and TalkTalk account numbers. The company was confident that no sensitive or payment data went astray in the hack.

The theft of data was unearthed when TalkTalk investigated a sudden rise in complaints from customers about scam calls between October and December 2014  'Only a few thousand accounts were affected'!!

It made interesting reading to see Talk Talk admitting that the attackers got at some of TalkTalk's internal systems via a third-party that also had access to its network. Legal action is now being taken against this unnamed third party.

http://www.bbc.com/news/technology-31656613

I am no expert....but does this ring warning bells with anyone? slight_frown

Veritas Numquam Perit

Girl in a jacket
Message 1 of 51
3,077 Views
50 REPLIES 50

Anonymous
Not applicable

Gerry wrote:

 

What I am not entirely clear about is what customers/users like me can actually do about it in our everyday interactions with the digital world, apart from withdrawing our custom from "guilty" companies.  Of course we can ensure we have some anti-virus/malware/firewall precautions in place, but how do we know we can trust them?

 

 

 

Sadly, you can't trust any technical measure on it's own to protect you 100%.  Anybody who tells you otherwise is misleading you.

 

 

 

The best protection you have against viruses, malware, spyware, and other hacking attempts on your own computer is common sense.  Having said that, as a home user who just wants to enjoy these things and understandably has limited time and interest to learn how it all works you will always have a higher risk than a computer hobbyiest/enthusiast.  Therefore your best bet is to assume that your computer will be hit at some time or other, and be careful to limit the damage that you will suffer.  That's not to say that you should ignore all other advice about protecting yourself, quite the opposite, but frankly, if you sit down in front of your computer and assume that somebody is already spying on you right from the beginning, you'll take a lot more care about what you put on there.  And buy a separate, cheap laptop to put all of your valuable photos on, which you don't connect to the internet.  That massively reduces the risk of you loosing those to a virus or other nasty.

 

 

 

Most businesses will have a paragraph somewhere on their websites informing us that they take our data security and privacy seriously etc. but how do we check that out?

 

 

 

You can't.  Nobody can, (except maybe employees of the specific company).

 

 

 

Everybody concentrates far too much attention to the importance of having a safe link between their browser and the website they are dealing with, and neglects other things.  That lulls people in to a false sense of security.

 

 

 

For example, an on-line retailer could easily set up a very good, very secure website to accept your details.  It might be perfect from a technical point of view.  You might be using a secure, virus-free, malware-free computer to connect to them.  Your details would be perfectly safe in transit over the internet.  Nothing to worry about.  Both ends seem perfectly secure and trustworthy.

 

 

 

But once those details finish their journey over the internet, who knows what happens to them?  Specifically, how the company handles them in it's internal system, which is also usually connected to the internet, perhaps without any due care or attention at all.  It could be virtual cesspit of malware running on a computer that hasn't been looked at for years, because it "just works".  That's even more difficult to forgive, because their internal system doesn't need to have public access at all, and could, and should be completely isolated.  But in the eyes of many companies, it doesn't warrent the investment that the flashy customer facing website does.

 

 

 

And for all you know, those details could even have been printed off and the orders typed in to the company's internal system by clueless YTS kids, who just chuck the print outs with your card number and address in the bin without shredding it.

 

 

 

When Norton shows me "This page is safe" does that tell me anything about how good the originating company might be in safeguarding my personal information?

 

 

 

See the above paragraphs.  It gives you an idea of how trustworthy the computer you are connecting to is.  That will maybe help you avoid mal-ware ending up on your own machine, which is good, but it basically tells you nothing about the responsibility of the company handling your information.

 

 

 

You cannot know how responsible on-line companies will be.  Technically you could say the same about bricks and mortar businesses too, you don't know who works 'out the back', so to speak, but at least in that case you can avoid obviously dodgey looking retailers.

 

 

 

So instead, you should be careful what information you provide to them.  You can't avoid giving name and credit card details, for example.  But you can vary these details, sometimes using a middle name or inital, and sometimes not, or by including a house name on some and not others.  That will help you point the finger if your details are ever made public and you don't know where they came from.  Also, don't use the same password, or security questions on every site you use, because the first thing a hacker will do with a big long list of passwords is to try them on other sites.  And usually a large number or them will work, because people are so lazy about this!

 

 

 

Also, don't necessarily sign up to every new site by using your facebook/twitter/google logins.  Really, does a site really need to know everything you've published about yourself just to sell you a book or something?

 

 

So to sum up...  You're not safe on-line.  Your information is not safe or private.  Well, maybe it is, but you can't be sure of that, so best assume it's not.  Once you start to think like that, you'll be more careful to limit the information you give out, which is the key to protecting yourself.  You want to try to reduce your exposure so that when a company you deal with allows themselves to be hacked in to, and your details stolen, it's just one credit card you have to cancel, rather than all of them, and your email and accounts with other people are out of harms way because you didn't use any common passwords.

 

 

 

In a nutshell, that is the best that the typical man in the street who wants to use on-line services can do.

 

 

 

And obviously, make a loud noise and complain to anywhere that does let your personal details leak, as well as making other people aware that it was carelessness that caused it.

 

Message 41 of 51
757 Views

Anonymous
Not applicable

Very many thanks for such a comprehensive reply @Anonymous - Fortunately I don't do Faceache, Twatter or any of the other "social media" things, but i do get annoyed and indeed worried sometimes at the way I know advertising is very much directed at me despite my using AdBlock and DoNotTrack me.  By accident rather than intent I have have over the years used a number of different email addresses for different purposes and chnage passwords frequently, but I take on board what you say about the information I give out and will think about that for future use.

 

Again many thanks for taking time to make these important issues a little more accessible in a way that my few remaining grey cells can grasp.  slight_smile 

Message 42 of 51
748 Views

anticpated
Level 30: Meditator
  • 3412 Posts
  • 164 Topics
  • 53 Solutions
Registered:

Yes to be serious for one moment, this is an informative series of posts (with the exclusion of mine). The biggest struggle is keeping up with all the latest tricks to con and persuade people to give out information without them being aware of it.

 

Samsung Galaxy S10, Samsung Galaxy S21 Ultra
Message 43 of 51
725 Views

Anonymous
Not applicable

Now I do wonder @Anonymous why, when I refer to Facebook as Faecesbook I get slapped down for it by one particular moderator but several call it Faceache and Twatter is a new one on me but nothing gets said.


A rule for one. .....

Message 44 of 51
723 Views

anticpated
Level 30: Meditator
  • 3412 Posts
  • 164 Topics
  • 53 Solutions
Registered:

Sauron sets the rules, not for one for negotations though unless you slip him a 15-year old vintage single malt though.

 

Samsung Galaxy S10, Samsung Galaxy S21 Ultra
Message 45 of 51
713 Views

Anonymous
Not applicable

@Anonymous wrote:

Now I do wonder @Anonymous why, when I refer to Facebook as Faecesbook I get slapped down for it by one particular moderator but several call it Faceache and Twatter is a new one on me but nothing gets said.


A rule for one. .....


Well, on the bright side @Anonymous  - when they are slapping you down they are leaving me alone!  LOL   You may rest assured they give me no quarter!! Crazy

 

I have just noticed a strange thing.  In the email I got on my phone alerting me to your post the wording is somewhat different from what I read on my PC.  In the email your words are " when I refer to Facebook as Facebook I get slapped down .............but several call it Face ache and Tattershall [sic] is a new one on me..........."    Weird is that!  How did the text get changed?

Message 46 of 51
699 Views

Anonymous
Not applicable
Cos I edited the typos @Anonymous
Message 47 of 51
696 Views

Cleoriff
  • 122356 Posts
  • 824 Topics
  • 7457 Solutions
Registered:

@Anonymous wrote:
Cos I edited the typos @Anonymous

I noticed that Nick. I actually preferred the unedited version....much funnier....LOL

Veritas Numquam Perit

Girl in a jacket
Message 48 of 51
693 Views

Anonymous
Not applicable
Ah! I would not be a very good detective, would I @Anonymous ?
Message 49 of 51
685 Views

Anonymous
Not applicable

For the record, I'd like to note that I hate all social networking sites with a passion.  I also hate kik, whatsapp, and all these other messaging services.  Web-based email irritates me too.

 

Infact, anything invented after about 2000 irritates me.

 

Every day I see people fiddling around with a slow internet connection, pointing and clicking and spending half an hour to reply to one email, and telling me how they prefer to do everything by instant messaging because email is too slow.

 

Then I go home and load up my email program which looks and behaves basically like an instant messenger, and lets me find and reply to mail in about 10 seconds plus the time it takes to write the message, and remain confused as to why the email system of old has been destroyed by a few bad, low quality email providers, only to be replaced by IM, which works how just how the email system used to.

 

Plus, nowadays I increasingly find people with badly set up email addresses that reject a load of genuine email along with spam, and the user knows nothing about it.  Much of that can be blamed on Spamhaus, an obnoxious organisation that has made life an inferno for us techies, even those who have no interest in sending spam.

Message 50 of 51
676 Views