Replace: Added provider assertion on the finish of the article.
UK telecommunications firm TalkTalk is investigating a third-party provider information breach after a menace actor started promoting alleged buyer information on a hacking discussion board.
“As a part of our common safety monitoring, given our ongoing give attention to defending clients’ private information, we had been made conscious of sudden entry to, and misuse of, certainly one of our third-party provider’s programs, nonetheless, no billing or monetary info was saved on this technique,” TalkTalk instructed BleepingComputer.
“Our Safety Incident Response workforce are persevering with to work with the provider concerning this matter and protecting containment steps had been taken instantly.”
“Our investigations are ongoing, nonetheless we will verify that the variety of potential clients referred to in sure on-line posts is wholly inaccurate and really considerably overstated.”
This assertion comes after somebody named “b0nd” started promoting what they declare is TalkTalk buyer information on a hacking discussion board that was allegedly stolen in a January 2025 information breach.
“Because the title says right now we are going to checklist on the market a big information breach involving TalkTalk. This breach passed off January 2025 and impacts 18,839,551 present and former clients.” reads the put up to a hacking discussion board.
Supply: BleepingComputer
The menace actor additionally shared a pattern of the info, which incorporates the subscriber’s title, electronic mail, last-used IP handle, enterprise cellphone quantity, and residential cellphone quantity.
Whereas the discussion board put up says the stolen information incorporates details about nearly 18.9 million present and former TalkTalk clients, the corporate doesn’t have almost that variety of subscribers, placing the authenticity of the breach doubtful.
Moreover, the screenshots shared by the menace actor point out that the info was presumably stolen from the Ascendon SaaS platform moderately than instantly from TalkTalk.
CSG Ascendon is a subscription administration platform that TalkTalk has traditionally used as a part of its operations.
In 2015, TalkTalk suffered a knowledge breach the place hackers accessed the private particulars of over 150,000 clients. The incident led to a £400,000 nice by the UK Info Commissioner’s Workplace.
Replace 1/26/25: CSG confirmed that the info originated from their platform however stated that they didn’t endure a breach of their programs and it solely impacted one buyer.
“On Jan. 21, 2025, CSG discovered that an exterior occasion gained unauthorized entry to a single supplier’s information residing on a CSG platform,” CSG instructed BleepingComputer.
“We now have no proof that CSG’s applied sciences and programs had been compromised or that CSG was the reason for the sudden entry to the info. CSG offered instant containment and is actively supporting our buyer.”
BleepingComputer requested whether or not the menace actor breached TalkTalk’s account by means of compromised credentials however has not heard again presently.