TalkTalk, one of Britain's most important communication companies, confirmed that it recently suffered a major data security breach.
The broadband and phone carrier admitted that some of its clients' data was not encrypted. Personal information that was accessed may include details such as names and addresses, email addresses, dates of birth, mobile numbers, credit card and bank details and information on the TalkTalk account.
'I can't confirm that the data has been encrypted' - Dido Harding, chief executive of #TalkTalk on cyber attack.
— BBC Radio 4 Today (@BBCr4today) October 23, 2015
"[The] significant and sustained cyberattack" affects over four million users, an early evaluation shows.
Adrian Culley, a former Scotland Yard detective who currently works as a cybersecurity consultant, affirms that an online post points to a Russian Islamist gang as culprit for the hacking. It appears that the hacker group posted data belonging to the customers of TalkTalk, but no official confirmation came from the authorities on the subject.
TalkTalk CEO Dido Harding made clear that, as long as law enforcers are dealing with the case, it is better that she abstains from comments. Harding added that TalkTalk swiftly informed its clients about their data being at risk, but some users say otherwise.
"Bit disgusted to read about this in the paper, informing your customers privately should have been first priority," Hazel Christopher tweeted on the message board that announced the security problem.
Harding underlined that the company took measures to ensure that the bank accounts of the exposed customers remain safe. She claims that TalkTalk urged banks to keep an eye out for any suspicious activity. Also, all TalkTalk clients who notice anything strange in their transactions should contact the bank immediately.
In compensation for the unfortunate event, TalkTalk offers to each customer a year's credit monitoring, free of charge.
"There have been no arrests and enquiries are ongoing," a Met Police spokesman answered when asked if any data theft cases are ongoing.
It is not the first time TalkTalk's database is under fire. During the last 12 months, the mobile and broadband provider was in the hackers' crosshair twice more.
Peter Sommer, a cybersecurity professional, blames the accelerated growth of TalkTalk for the increasing number of attacks.
"They are acquiring more customers and each of those customers wants to do more things and so they have to increase their capacity... but that's an expensive exercise," he pointed out.
Update: TalkTalk announced on Friday that a ransom demand was issued, following the data breach that endangered personal information of its 4 million customers. Harding stated that whether the ransom comes from an individual cyberthreat or from a nefarious group is unknown.