TalkTalk website hacked: it means my personal details are compromised :-(


The news that came out last week direct from TalkTalk was a personal shock to me, as I am also one of their customers and have now been a victim of this cyber attack. The first thing I wanted to do was change the password for my TalkTalk account, but its website is still not available to do so. The most worrying thing is that there is still no answer to the fundamental questions: what data was breached, and was it encrypted?

In an update, TalkTalk said the amount of financial data stolen from its systems was “materially lower” than expected, and said that the attack was on its public-facing website and not its core systems.

The data which may have been breached includes:

  • Names
  • Addresses
  • Dates of birth
  • Email addresses
  • Telephone numbers
  • TalkTalk account information
  • Credit card details and/or bank details

Now, believing that my details held with TalkTalk have been compromised, I have taken the precautionary measures below and would suggest that those who are affected consider doing the same:

  • Change passwords:

As said above, the TalkTalk website is still not available, but when it is, please change your TalkTalk account password.

If the same password is also used to protect another online account, for example banking, social media or any other essential service, those passwords should also be changed.

  • Answering phone calls/emails:

Be careful if you receive a phone call or email from your bank asking you to reveal any passwords or banking details. TalkTalk and banks have repeatedly said that they will never ask for personal passwords or PINs to be revealed over the phone or via email.

  • Check your bank/credit card accounts:

Watch your bank accounts in case of any unexpected activity and report it to your bank immediately.

  • Credit monitoring:

I received an email from TalkTalk with the code TT231, which can be used at Noddle to monitor your file for the next 12 months free of cost. More details are via this link

We as consumers expect the relevant authorities who are investigating this breach to get answers to these fundamental questions for us:

  • Has TalkTalk done the required due diligence to protect sensitive data?
  • Was that data stored encrypted?
  • Were the encryption keys protected?
  • When was their website last pen tested, by whom, and what was the status of any open issues at the time of the breach?
  • Were they PCI compliant at the time of the breach?
  • It appears this is not the first time their website was attacked; did they act on the recommendations resulting from the last breach?

Underworld of Hackers; how they work and what you can do to protect yourself

Ever wondered what the value of your personal information is to hackers, why they want it and what potential threats may come your way once they have it? In this article you will not only see how the underworld of hackers works but also understand the value of your personal information, cards and even your PC when traded on the dark web. Dell has also provided some mitigating information for both companies and individuals. Worth reading, very valuable information.


GCHQ employs: dyslexic and dyspraxic spies

I came across an interesting article published in the Sunday Telegraph about the employment of dyslexic young people by GCHQ. More than 100 dyslexic and dyspraxic ‘neuro diverse’ analysts have been employed so far. Unfortunately, in many countries of the world this problem is not diagnosed in a timely fashion; people are branded as dull or clumsy, leaving them to become a burden on society in one way or another.

See this impressive video. Is it not remarkable?


Free Site Recovers Files Locked By Cryptolocker

Previously, I shared some info about Cryptolocker, ransomware discovered in September 2013 that encrypts a Windows user’s data files, including documents, photos and music. So what was the only option for a Windows user to get that data back? Unfortunately, paying the hackers whatever ransom they demanded. But the good news now is that two security companies, FireEye and Fox-IT, have launched a site, decryptcryptolocker.com, which can be used by anyone who wants to recover files locked by Cryptolocker. The site apparently works by sending an email link that victims can use to download a recovery program to get back all of their files. Thanks to these two companies the service is free, so enjoy 🙂


Why are most credit hacks happening in the US?

In recent years, more than 80 countries have upgraded to credit cards embedded with microchips. Cards with chips are inconceivably difficult to counterfeit, and there’s added security in every swipe: Terminals require a user’s PIN, and the information on the chip is encrypted.

Yet Americans keep using payment technology that was developed in the 1960s. That poses a big risk: Cards with magnetic stripes deliver all your data without hiding anything. Swipe your card and the computer sees everything in plain text: your name, credit card provider, card number, expiration date and more. Continue reading…


Wow….You’re infected—if you want to see your data again, pay us $300 in Bitcoins

Malware that takes computers hostage until users pay a ransom is getting meaner, and thanks to the growing prevalence of Bitcoin and other digital payment systems, it’s easier than ever for online crooks to capitalize on these “ransomware” schemes. If this wasn’t already abundantly clear, consider the experience of Nic, an Ars reader who fixes PCs for a living and recently helped a client repair the damage inflicted by a particularly nasty title known as CryptoLocker.

It started when an end user in the client’s accounting department received an e-mail purporting to come from Intuit. Continue reading…
