This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/business-34635583
The article has changed 2 times. There is an RSS feed of changes available.
Previous version
1
Next version
| Version 0 | Version 1 |
|---|---|
| TalkTalk hack: MPs to hold inquiry into cyber-attack | |
| (about 7 hours later) | |
| MPs are to launch an inquiry into the cyber-attack on TalkTalk that could have put customers' details at risk. | |
| Culture minister Ed Vaizey also told the House of Commons the government was not against compulsory encryption for firms holding customer data. | |
| Shares in the telecoms company fell more than 12% in Monday trading, extending its losses from last week, when news of the attack first emerged. | |
| TalkTalk has said the cyber-attack was "smaller" than originally thought. | |
| However, it acknowledged that customers' bank account and sort code details may have been accessed. | However, it acknowledged that customers' bank account and sort code details may have been accessed. |
| Responding to an urgent question on the issue asked in the Commons, Mr Vaizey described the hack as "very serious". Any compensation for customers would be a matter for the Information Commissioner, he told MPs. | |
| The inquiry into the TalkTalk hack and data protection will be launched by Jesse Norman, chair of the Culture, Media and Sport Select Committee, the Commons was told. | |
| 'Money missing' | |
| The phone and broadband provider has said it does not know how much of the customer information was encrypted. | The phone and broadband provider has said it does not know how much of the customer information was encrypted. |
| It said it would contact all its four million current customers; it has said an unknown number of previous customers may also be at risk. | |
| Some customers have also said money has gone missing from the their bank accounts. | Some customers have also said money has gone missing from the their bank accounts. |
| But TalkTalk has said there is currently no evidence that customers' bank accounts have been affected as a result of last week's attack. | |
| Analysis: Rory Cellan-Jones, BBC technology editor | Analysis: Rory Cellan-Jones, BBC technology editor |
| The company first indicated that the "sustained" attack was a DDoS, a distributed denial of service attack where a website is bombarded with waves of traffic. | The company first indicated that the "sustained" attack was a DDoS, a distributed denial of service attack where a website is bombarded with waves of traffic. |
| That did not seem to explain the loss of data, and later TalkTalk indicated that there had also been what is known as an SQL injection. | That did not seem to explain the loss of data, and later TalkTalk indicated that there had also been what is known as an SQL injection. |
| This is a technique where hackers gain access to a database by entering instructions in a web form. It is a well known type of attack and there are relatively simple ways of defending against it. | This is a technique where hackers gain access to a database by entering instructions in a web form. It is a well known type of attack and there are relatively simple ways of defending against it. |
| Many security analysts were stunned by the idea that any major company could still be vulnerable to SQL injection. | Many security analysts were stunned by the idea that any major company could still be vulnerable to SQL injection. |
| Questions for TalkTalk | Questions for TalkTalk |
| A number of customers have criticised the company's handling of the attack - saying they have received no contact. | A number of customers have criticised the company's handling of the attack - saying they have received no contact. |
| Others criticised its refusal to let them cancel contracts for free. | Others criticised its refusal to let them cancel contracts for free. |
| In a statement on Saturday, TalkTalk said the attack was on its website, where full card details are not held - not on its core system. | In a statement on Saturday, TalkTalk said the attack was on its website, where full card details are not held - not on its core system. |
| Any credit card details accessed were incomplete - with many numbers appearing as an x - and "not usable" for financial transactions, it added. | Any credit card details accessed were incomplete - with many numbers appearing as an x - and "not usable" for financial transactions, it added. |
| The Metropolitan Police is investigating the hack, as well as a ransom demand from a group purporting to be behind it. | The Metropolitan Police is investigating the hack, as well as a ransom demand from a group purporting to be behind it. |
| No arrests have been made. | No arrests have been made. |
| TalkTalk said there was a chance that some of the following customer data had been accessed: | TalkTalk said there was a chance that some of the following customer data had been accessed: |
| What should you do if you think you're at risk? | What should you do if you think you're at risk? |
| TalkTalk hack: What should I do? | TalkTalk hack: What should I do? |
Previous version
1
Next version