Reports refuse claims of 19 million customer records.
TalkTalk is investigating a possible data breach after threat actor "b0nd" claimed to exfiltrate information belonging to current and former customers.
According to The Register, names, email and IP addresses, subscriber PINs, and phone numbers were stolen from the British telco.
TalkTalk has also refuted the alleged impact of the breach - with some claims that 19 million customer details were stolen - with The Register noting that the firm has only amassed 2.4 million customers since its launch more than two decades ago.
TalkTalk’s head of external communications, Liz Holloway did not name the supplier, but noted that the incident could not be confirmed until the external vendor's investigation is finalised.
“As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one of our third-party suppliers’ systems,” Holloway told TechCrunch.
“Our Security Incident Response team are continuing to work with the supplier regarding this matter and protective containment steps were taken immediately.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
