Talk Talk hacked, lessons and warnings
British mobile phone company Talk Talk has been hacked, not for the first time, and the company's boss has been sent a ransom demand, with user data as the bargaining chip. (http://www.bbc.co.uk/news/uk-34615226). This is just the latest hacking incident that consumers need to be concerned about, and if this particular company doesn't affect you, sooner or later one that does will be hacked, exposing you to risk of fraud.
The golden rules in these case are to change your password as soon as you hear of an attack. Ensure that your password isn't linked to any other accounts with the same email address, and then check your bank account for any strange withdrawals and your credit history for any dodgy applications in your name. You should also be careful about giving any information out over the phone or by email, as real companies do not ask for that sort of data.
Talk Talk was also hacked back in February, which shows an alarming string of corporate security lapses and a failure to understand how to protect customer data. Information like names, addresses, contact details and bank data may have been acquired in this latest hack and there seems some doubt as to whether the information was encrypted, so customers should be extra vigilant.
While there is little the company can do but reimburse any losses for customers, and try to strengthen its data and online security for the next time cyber criminals attempt this, the fallout could have wider implications for some. Expect the criminals to use the data for identity theft and to access other accounts, or to sell it to other criminals to use.
Although this could be a relatively small hack, certainly nothing like the recent theft of millions of IDs for US government workers, it highlights the risk all of us face, when giving our data out to these companies. Even though it can be difficult to keep coming up with new passwords, or using a spare email address for sensitive accounts, it is worth the effort to help protect yourself from the crimes that can be committed by those with access to the data.