Reports refuse claims of 19 million customer records.
TalkTalk is investigating a possible data breach after threat actor "b0nd" claimed to exfiltrate information belonging to current and former customers.
According to The Register, names, email and IP addresses, subscriber PINs, and phone numbers were stolen from the British telco.
TalkTalk has also refuted the alleged impact of the breach - with some claims that 19 million customer details were stolen - with The Register noting that the firm has only amassed 2.4 million customers since its launch more than two decades ago.
TalkTalk’s head of external communications, Liz Holloway did not name the supplier, but noted that the incident could not be confirmed until the external vendor's investigation is finalised.
“As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one of our third-party suppliers’ systems,” Holloway told TechCrunch.
“Our Security Incident Response team are continuing to work with the supplier regarding this matter and protective containment steps were taken immediately.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
