
[BBC] TalkTalk ISP cyber-attack: Website hit by 'significant' breach - Updated Data for sale on dark web, £20

post #1 of 24
Thread Starter 
SOURCE
SOURCE 2
UPDATE - Second Teen arrested and data for sale
Quote:
Cyber security consultant and former Scotland Yard detective Adrian Culley told BBC Radio 4's Today programme that a Russian Islamist group had posted online to claim responsibility for the attacks.
He said hackers claiming to be a cyber-jihadi group had posted data which appeared to be TalkTalk customers' private information - although he stressed their claim was yet to be verified or investigated.
Dido Harding, chief executive of the TalkTalk group, told BBC News the authorities were investigating and she could not comment on the claims.
Quote:
The BBC is reporting that TalkTalk's website was targeted by a DDoS attack — overwhelming servers with traffic. This on its own wouldn't give the attacker access to internal data, however.

The TalkTalk website is still unavailable; as of Friday morning, this is what users attempting to access their account see:


Quote:
The BBC reports that TalkTalk is offering affected customers a year of free credit monitoring.

In a statement, TalkTalk said:

We would like to reassure you that we take any threat to the security of our customers’ data very seriously. We constantly review and update our systems to make sure they are as secure as possible and we’re taking all the necessary steps to understand this incident and to protect as best we can against similar attacks in future. Unfortunately cyber criminals are becoming increasingly sophisticated and attacks against companies which do business online are becoming more frequent.

UPDATE- 609,239 stolen British personal details on sale for £20 each on Dark Web
Quote:
A government spokesperson told the Financial Times that the UK government has invested £860m into cyber security and has a number of schemes designed to help UK businesses improve their security measures: "We are looking carefully at the level of regulation. Every company body should be fully aware of the risk from cyberattack, and be confident that the company has proper security in place."

The revelations come just after the TalkTalk hack on 22 October, which saw the names, addresses, dates of birth, contact numbers, email addresses, bank details and credit card numbers of customers stolen in a major cyberattack, with some customers reporting that money had been stolen from their bank accounts.

On Tuesday 27 October, a 15-year-old boy in Northern Ireland was arrested in connection with the TalkTalk data breach, but he is now out on bail as enquiries continue.

If it's as savage as they say it is then that's a big problem.


Who keeps card details unencrypted! Surely that can't be all the card details, maybe some part of them.
post #2 of 24
I'm no security expert but looking at the extract they are mostly Tiscali accounts.

There are also some Unix timestamps in there e.g. 1311343301 = Fri, 22 Jul 2011 14:01:41 UTC
So why would they show data that is over 4 years old? Surely they would use current data to show how powerful and recent they are.

It looks like some user data and some registration journey stuff.

Maybe they didn't hack it at all, and the hacker has shown them old data that was nabbed years ago (probably when Tiscali and TalkTalk merged) and did a DDoS attack to get themselves noticed.


When the "hackers" are found out I hope they are treated to the full extent of the law but they hardly ever mention that in the media when they are caught. As for the fundamentalist angle, it's all rubbish. They just wanted cash.

Lock them in a room with an Atari ST, some blank floppy disks, an original of Dungeon Master, some tools (Devpac, Disk Doctor, Fastcopy) and ask them to remove the copy protection and copy it to a normal disk. No internet access. If they can't do it then they should never be allowed to own a computer again. That'll learn 'em.
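The timestamp check described in the post above, as an added example that is not part of the original post: it pulls ten-digit Unix timestamps out of sample records and reports how old they are relative to the 22 October 2015 breach date given in the thread. The records are constructed (only 1311343301 is the value quoted in the post), and the plausibility window and function names are assumptions of this sketch.

```python
import re
from datetime import datetime, timezone
from statistics import median

# Constructed sample records, not lines from the real extract. Only the value
# 1311343301 is the timestamp quoted in the post above.
SAMPLE = """\
1001|user_a@tiscali.example|reg_step=3|1311343301
1002|user_b@tiscali.example|reg_step=1|1298971200
1003|user_c@talktalk.example|phone=07000000000|1325376000
1004|user_d@tiscali.example|account=4000000000|no_timestamp
"""

REFERENCE = datetime(2015, 10, 22, tzinfo=timezone.utc)  # breach date given in the thread
EARLIEST = datetime(2000, 1, 1, tzinfo=timezone.utc)     # assumed lower bound for plausibility
EPOCH_RE = re.compile(r"(?<!\d)\d{10}(?!\d)")            # exactly ten digits, not part of a longer number


def extract_timestamps(text, earliest=EARLIEST, latest=REFERENCE):
    """Return sorted UTC datetimes for ten-digit fields inside the plausible window."""
    lo, hi = earliest.timestamp(), latest.timestamp()
    values = (int(m.group()) for m in EPOCH_RE.finditer(text))
    return sorted(datetime.fromtimestamp(v, tz=timezone.utc) for v in values if lo <= v <= hi)


def age_report(text, reference=REFERENCE):
    """Summarise how old the records' timestamps are relative to the reference date."""
    stamps = extract_timestamps(text)
    if not stamps:
        return None  # nothing datable: the sample neither supports nor refutes the claim
    ages = [(reference - dt).days / 365.25 for dt in stamps]
    return {
        "count": len(stamps),
        "oldest": stamps[0],
        "newest": stamps[-1],
        "median_age_years": round(median(ages), 1),
    }


if __name__ == "__main__":
    report = age_report(SAMPLE)
    print(report["count"], "timestamps; newest:", report["newest"].isoformat())
    print("median age at reference date:", report["median_age_years"], "years")
```

The window filter is what keeps the ten-digit account number and the eleven-digit phone number from being read as dates; a newest timestamp years before the disclosure supports the legacy-data reading but does not prove when the data was taken.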
post #3 of 24
Thread Starter 
Quote:
Originally Posted by quinceharmon View Post

I'm no security expert but looking at the extract they are mostly Tiscali accounts.

There are also some Unix timestamps in there e.g. 1311343301 = Fri, 22 Jul 2011 14:01:41 UTC
So why would they show data that is over 4 years old? Surely they would use current data to show how powerful and recent they are.

It looks like some user data and some registration journey stuff.

Maybe they didn't hack it at all, and the hacker has shown them old data that was nabbed years ago (probably when Tiscali and TalkTalk merged) and did a DDoS attack to get themselves noticed.


When the "hackers" are found out I hope they are treated to the full extent of the law but they hardly ever mention that in the media when they are caught. As for the fundamentalist angle, it's all rubbish. They just wanted cash.

Lock them in a room with an Atari ST, some blank floppy disks, an original of Dungeon Master, some tools (Devpac, Disk Doctor, Fastcopy) and ask them to remove the copy protection and copy it to a normal disk. No internet access. If they can't do it then they should never be allowed to own a computer again. That'll learn 'em.

You've raised an interesting point. I've always wondered if it was some legacy data rather than new. I find it hard to believe they could store so much data all unencrypted or securely.

It's common that old legacy systems used by smaller bought up companies are weak or not migrated properly into the new company.

You even get it when ISPs merge, the incompatibility or lack of easy to merge data usually causes issues.

Once a full report is released it will be interesting to see how it was done.

Yeah normally this sort of data is sold for bitcoins online on the dark net. I wonder how long it is until it appears for sale and how much.
post #4 of 24
Thread Starter 
Update added regarding second arrest and data being sold
post #5 of 24
I saw the article in "The People" newspaper. It was a right laugh.
They had an "interview" with an alleged seller on the dark web offering data cheap. It seems a bit shady. If the cops have implicated 3 hackers so far they must have left an easy trail behind them, or Tor isn't secure at all.



They also had a sensationalist screenshot of a PC running chkdsk saying, "This is what hackers see! In black and white".
Well... only if they've got a knackered hard disk.

They didn't even try to get a screenshot of a script trying a SQL Injection attack, HTML, some network tracing software or even hexdump or something. No! Sodding chkdsk. They must think their readers are idiots. The standards of journalism are dreadful so I wouldn't trust a word of what they publish.
Edited by quinceharmon - 11/2/15 at 5:15pm
post #6 of 24
As a talk talk customer it is really disheartening to hear about things like this, ISP's -should- be the most secure.

Funny thing is they want you to change your login details but because they're doing "Security updates" you can't change all your details ...

I don't know if I'm too bothered by the whole thing, nothing is stolen that really wasn't already "Out there" already. Google, e-bay, amazon .. more than likely have already sold most of this data anyway. My Bank knows about the attack, either way. Nothing I can really do about it. I -have- to trust monkeys with these things.
post #7 of 24
Since my company became an ISP and I have started to work with more and more residential and business network providers, it has opened up so many eyes for me.

2008 - Tiscali provided a DSL connection to my office.
2009 - Call up Support and it looks like Kingston Communication (KCOM) now own the circuit
2012 - Call up Support, I've been told that I need to now speak with UK Solutions
2013 - UK Solutions has now become 6 Degrees Managed Data

It's the same with Griffin, MDNX and EasyNet. Once separate companies but in the space of a year just become one big (And really, really bad) ISP

Companies sell customers to other Companies, it's a great way to increase the recurring revenue. Just buy a customer base and overnight your revenue goes up ££££££
post #8 of 24
Thread Starter 
Quote:
Originally Posted by quinceharmon View Post

I saw the article in "The People" newspaper. It was a right laugh.
They had an "interview" with an alleged seller on the dark web offering data cheap. It seems a bit shady. If the cops have implicated 3 hackers so far they must have left an easy trail behind them, or Tor isn't secure at all.



They also had a sensationalist screenshot of a PC running chkdsk saying, "This is what hackers see! In black and white".
Well... only if they've got a knackered hard disk.

They didn't even try to get a screenshot of a script trying a SQL Injection attack, HTML, some network tracing software or even hexdump or something. No! Sodding chkdsk. They must think their readers are idiots. The standards of journalism are dreadful so I wouldn't trust a word of what they publish.


The people they have arrested are kids .... There would have been trails ....

The way I see it is the first kid boasted about it and got arrested then dobbed everyone else in.

Yeah you run any CMD prompt and you're an instant hacker aha. No joke I sat in a coffee shop using linux and someone shouted out he's hacking into stuff call the police ... Wasn't even remotely funny...
post #9 of 24
Haha that's when you take your coffee dump it on them push em to floor and say really paranoid wuss then find a new coffee shop that doesn't serve ppl like that. Or could go other way show them you're using linux like a boss and make look like said paranoid wuss. Musta been a sheeple.
post #10 of 24

Beautiful.

 

I will keep saying it. You go with TalkTalk, you get what you pay for.

   