TalkTalk said over the weekend that subscribers’ full financial details were not accessed during last week’s cyber attack, but urged customers to remain vigilant nonetheless.
The U.K. telco fell victim to what it called a significant and sustained cyber attack last Wednesday during which the names, addresses, date of birth, contact details including phone number and email address, as well as account information and bank information of all 4 million of its customers may have been accessed.
Customers were left incensed after it emerged that TalkTalk does not encrypt some of the information it holds about its customers, including bank account details.
In an updated statement on Saturday, TalkTalk said the attack targeted its Website – which does not store complete credit or debit card information – not its core systems. TalkTalk account passwords were not accessed either, the company said.
"We now expect the amount of financial information that may have been accessed to be materially lower than initially believed and would on its own not enable a criminal to take money from your account," TalkTalk said.
Nevertheless, TalkTalk customers are advised to keep checking their bank accounts and to report anything unusual to their b ank and Action Fraud, the U.K.’s national fraud and Internet crime-reporting centre.
"TalkTalk will never call customers and ask you to provide personal details or passwords. Please take all steps to check the true identity of any organisation that calls requesting for personal information," the telco added.
