The Institute of Directors has called for action in the wake of the TalkTalk hacking scandal singling out the hacking of customer data as one of "the biggest threats facing businesses and their customers". The organisation said that only "serious breaches" make the headlines, but attacks on UK businesses "happen constantly".
This is the third cyberattack the company, owned by Charles Dunstone, has been exposed to this year. This latest attack has now exposed the details of up to four million of the telecom company's customers and has now led to a ransom demand from an unnamed hacker.
TalkTalk chief executive Dido Harding said: "I personally received a contact from someone purporting – as I say, I don't know whether they are or are not – to be the hacker, looking for money."
A statement from the company added: "Today (22nd October), a criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyberattack on our website yesterday. That investigation is ongoing, but unfortunately there is a chance that some of the following data has been compromised: names, addresses, date of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details.
"We are continuing to work with leading cybercrime specialists and the Metropolitan Police to establish exactly what happened and the extent of any information accessed. "
The Home Office said it has so far spent £860m on cyber security through the National Cyber Security Programme. A criminal investigation has now been launched into the attack. TalkTalk has advised customers to keep an eye on their bank accounts over the next few months and to report any unusual activity.
In August the group's parent company The Carphone Warehouse was embroiled in a similar attack when the personal details of up to 2.4 million customers were hacked. Up to 90,000 customers could also have had their encrypted credit card details compromised.