LONDON: Efforts by Talk Talk, the telecoms business that is the UK's seventh largest advertiser, to contain the impact of a security breach last week have taken another hit as it emerges that past customers may also be at risk from criminal activity.
The company revealed last Thursday that millions of customer details – including names, addresses, dates of birth and account numbers – had been stolen in a cyberattack and that it had received a ransom demand.
According to the Telegraph, the initial figure of 4m people affected could be much higher when former subscribers are added; it noted that the broadband industry has seen between 16% and 25% of its customer base switching providers annually.
"There is a risk and a chance that some previous TalkTalk customers' details were stored on the website," a company spokeswoman admitted. "It's easy for us to pull our existing customers' details and e-mail them but it's not so easy for us to do that for former customers," she added.
Chief executive Dido Harding played down weekend speculation that criminals were already targeting people's bank accounts using stolen details. "It is just factually impossible," she said, since the details obtained were insufficient to take money out of a bank account.
But she acknowledged a concern that criminals could call customers pretending to be from TalkTalk to request money or access to a computer, or call the company impersonating the customer.
The company has also suspended most of its above-the-line advertising, Campaign reported, including its sponsorship of TV talent show The X Factor, and directed its internet search budget towards public information messages about the status of the investigation into the data breach.
Security experts have suggested that data is frequently left unprotected on computer servers and that planned new legislation targeted at accessing encrypted terrorist messages could make it even easier for cyber criminals to steal consumers' personal information.
Data sourced from Telegraph, Campaign, Financial Times; additional content by Warc staff