TalkTalk hack: Customers claim their bank accounts have been emptied following data breach

TalkTalk cybercime security breach — A company logo is seen on a TalkTalk building in London REUTERS/Stefan Wermuth

TalkTalk customers are reporting that their bank accounts have been emptied following the huge security breach by hackers. One victim claims £600 on their credit card was used in a spending spree before they were able to block it. Scammers are also reported to have called customers and threatened them with violence.

According to Mail Online, barrister's clerk Hilary Foster discovered hackers were trying to use her credit card to make a range of purchases. Most were declined, but £600-worth of items from Tesco and Office shoes were charged to her account.

TalkTalk CEO Dido Harding admits she doesn't know if customer bank details were encrypted. TalkTalk

It also emerged that on Wednesday (21 October) before details about the hack became known, Ian Frater, a trainee doctor from Glasgow, believes his broadband was hijacked and he then spoke to someone he believes was a hacker.

I was subjected to threats about what might happen if I hung up, including the possibility that my computer would blow up and kill me

- hack victim Ian Frater

"They slowed my internet down – which I imagine could be a denial-of-service attack or something – then phoned pretending to be TalkTalk support, who were being proactive in helping their customers," said Frater. "They had all the details you would expect TalkTalk to have at hand, including name, address, phone number and TalkTalk account number. The guy really sounded like he was in a TalkTalk call centre."

Frater grew suspicious and asked to be transferred to another representative. "I tried to cut the call there, but I was then subjected to threats about what might happen if I hung up, including the possibility that my computer would blow up and kill me. So I wasn't surprised when I heard about the cyber-attack yesterday, and think it could be linked in some way."

TalkTalk chief executive Baroness Dido Harding has been forced to admit she didn't know whether customer's bank details had been encrypted. "I can't even tell you today exactly how many customers have been affected," she told ITV's Good Morning Britain. "We have tried to come public as fast as we can once we have got a reasonable idea of what potential data has been lost.

Harding confirmed the company had been contacted by someone claiming to be the hacker who was looking for money. "Yes, we have been contacted by - I don't know whether it's an individual or a group purporting to be the hacker," Harding told the BBC. "I personally received a contact from someone purporting - as I say, I don't know whether they are or are not - to be the hacker, looking for money."