TalkTalk has admitted to a data breach that led to customers being scammed for thousands of pounds.
A post on a TalkTalk forum explained that a third party with "legitimate access to customer accounts" was hit by a data breach last year, causing information to go missing. The party has begun legal action against the supplier.
The scammers, based in India, have been using the stolen data, which includes account numbers, addresses and account holders’ names, to trick customers into thinking they are calling from TalkTalk.
They then claim to have identified problems with the TalkTalk router and prompt the customer to download software to let them access the computer and fix the 'problem'. They also promise a compensation payment of £250.
However, the scammers actually use the information and access to wire money from the customer's account. The Guardian reported that one man was stung for £2,800 after trusting the scammer because they knew his account information.
Another customer confirmed on a forum that they had received a call from a scammer on 27 February using the information to try to trick them into allowing laptop access.
"I have just had 'THE' call from 'TalkTalk' and like everyone else was surprised he had my address and account number. I deliberately wasted his time for 15 minutes and then hung up," they wrote.
TalkTalk has warned customers to be vigilant about such calls on its forums, noting that it would never ask to download software to a customer's machine or call customers and identify them using account details.
A TalkTalk spokesperson confirmed to V3 that it began investigating whether a hack had taken place after reports of customers being scammed emerged last year. It discovered that this was indeed the case.
“We are aware of a small, but nonetheless significant, number of customers who have been directly targeted by these criminals and we have been supporting them directly,” the spokesperson said.
The company claimed that no financial data such as bank or credit card details or dates of birth were taken, and that no TalkTalk Business customers were affected.
British Airways blames 'global systems outage' for IT meltdown
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store
Airport believes new system will be more reliable than GPS or Google Maps