A few weeks ago, we talked about some household names such as T-Mobile being victims of hacking.
As you may have seen in the news last week, broadband and telephone company TalkTalk are the latest victims to this online crime, possibly having had the names, dates of birth, addresses and possibly credit card information of customers stolen.
The revelation that many of these pieces of information were not stored encrypted cemented the damage to TalkTalk’s reputation. However this attack came with an interesting twist; rather than an infiltration by a professional and highly skilled group of hackers; it appears to have been the work of a single 15 year old boy, based on the arrest and bailing of the suspect. Was TalkTalk’s security so lax that a child who can’t even buy a lottery ticket yet could steal so much personal information? Or are online hackers getting so proficient that even the biggest businesses can’t keep up?
What should you do if you are a TalkTalk customer?
- First, it is imperative that you change your password. Even if you don’t believe your information was included in the hack; it is still a good idea to change your password. Remember not to use any easy to guess information, like your name, date of birth, or “password1”. Make it random (but easily memorable). Also, the longer the better. Software designed to crack passwords are only truly effective against short passwords, so a long password could safeguard you against a so-called “brute-force attack”.
- Beware of scams. Customers of TalkTalk have already reported being scammed between the date of the breach and the publication of the details. Once you’ve changed all your passwords, make sure you don’t give out any personal information to anyone who rings you. If in any doubt, call the company back (on a number you find on official documentation like a bill) and verify. A valid call centre operator will understand your need to double check.
- Finally, never use the same password for numerous applications. While it might be easier to remember one password rather than five for different logins; if that one password is compromised, then this means that all accounts are compromised. It’s far easier to memorise different passwords than it is to have to try and fix all the problems that come from someone hacking your personal information.
