Sunday, October 25, 2015

TalkTalk Breach Week 8

For this week’s blog we are going outside of the United States. Remember in week 5 blog’s there was a saying, “No one is safe”, well it seems that the statement was true. The British phone company TalkTalk was hacked. The hackers were able to steal lots of personal data, which will be discussed in the following paragraphs.

So far they are not one hundred percent sure if customers names, addresses, date of birth, phone numbers, email address, TalkTalk account information, credit card details and/or bank details were stolen (Krebs, 2015). The hackers must be doing this for financial gain as they sent TalkTalk a 122,000 dollars ransom to be paid in the digital currency bit coin. Along with the ransom the hackers provided tables from its user database to prove that they were not faking the breach (Krebs, 2015). The hackers have threaten to sell customer information on the dark web if the ransom isn’t paid, but there is no guarantee that even if the ransom is pay they won’t sell or post it on the dark web. The database that the hackers sent as part of the ransom seems to have credit checks from over 400,000 of its customers. Since the investigating is still ongoing TalkTalk is not sure how many customers were affect or what data was stolen.

This breached happened, because of vulnerability called an SQL injection.  A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application (SQL Injection, 2014). When this attack is successful it can give the attacker administrative privileges on the database. The SQL injection vulnerability was posted on the website Xssposed.org. The attacker then became public knowledge allowing hackers to use this vulnerability to steal information.

TalkTalk has issues one year of free credit monitoring services. Again companies don’t take cybersecurity seriously. When you have a website that has vulnerabilities and you don’t take care of them this can happen. This is especially true when the website ties back to a database that houses all their customers’ information. It is good to see they are taking security seriously now, but just like Target they are too late.

References
Krebs, B. (2015, October 24). Krebs on Security. Retrieved October 24, 2015, from http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/

SQL Injection. (2014, August 14). Retrieved October 24, 2015, from https://www.owasp.org/index.php/SQL_Injection

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)