Learning from major cyber security incidents
Learning from major cyber security incidents

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Learning from major cyber security incidents

3.1 What was the attack?

TalkTalk had discovered that their website was being attacked, which forced them to bring down the website to prevent further attacks and to investigate the scope of the damage. It turned out that there were ways to gain unauthorised access to the underlying database that was associated with the website. The database contained personal information such as the names, addresses, phone numbers, email addresses, dates of birth and financial information of TalkTalk’s customers. The company initially feared that personal information belonging to all four million of their customers had been stolen, but later found that the scale of data lost was much smaller. TalkTalk issued a statement in November of the same year confirming the following lost data (BBC News, 2015):

  • 156 959 customers had personal details accessed.
  • From those customers, 15 656 bank account numbers and sort codes were stolen.
  • 28 000 stolen credit and debit card numbers were ‘obscured’ (some digits of the card number were hidden) and ‘cannot be used for financial transactions’.

Nevertheless, for these 156 959 customers, it could have been be the start of a nightmare. They were vulnerable to identity crimes and scams. In fact, a number of customers claimed that they received scam phone calls a few days before TalkTalk disclosed the attack (Bain, 2015). For those who were in a long contract with TalkTalk, this was especially frustrating because TalkTalk did not allow customers to terminate the contract early unless they paid an early termination fee or proved they had suffered financial loss as a result of a scam directly related to this data breach. No doubt this policy angered customers and dented their trust in the company further (Millman, 2017).

In TalkTalk’s quarterly report release in February 2016, the financial loss resulting from the attack was estimated to be £60 million, which included costs related to responding to the incident, extra loads put on the call centres, and repairing vulnerable systems. In three months, TalkTalk also lost 95 000 customers, who left because of the attack (Burgess, 2016).

In addition, the Information Commissioner’s Office (ICO), which is the UK’s independent authority for upholding information rights in the public interest, fined TalkTalk £400 000 for ‘security failings that allowed a cyber attacker to access customer data with ease’ (ICO, 2016). The ICO’s investigation concluded that the attack could have been prevented if TalkTalk had taken basic security measures to protect their systems. The fine was the largest the ICO had ever issued at that time.

Activity 8

Timing: Allow about 15 minutes

To placate their affected customers, TalkTalk offered them free credit monitoring for a year. Credit monitoring is a process of continuously monitoring one’s credit history in order to detect suspicious activity. By following the link below or finding your own resources, identify how a credit report can indicate the key warning signs of identify fraud.

How to spot the warning signs of identity fraud [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] (Experian, 2018)

(Open the link in a new tab or window by holding down Ctrl (or Cmd on a Mac) when you click on it).


The following are some key points identified from the web page:

  1. When a credit application is set up, lenders will usually ‘search’ for your credit rating. By checking the search history on your credit report, you may notice unusual activities.
  2. The credit report will show your address. If it has been altered by a fraudster, you should notice this.
  3. The credit report also lists any loans and credit card accounts you applied for. If there are any listed that you didn’t apply for, it is a sign that you are a victim of identity theft.

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371