TalkTalk falls victim to another ‘insider’ scam

Things don’t seem to be improving for TalkTalk with regards to security as it has just announced another major security issue, this time with its ‘BrightSparks’ service for engineers' customer data.

This revelation could not come at a worse time for TalkTalk as it has only just announced the serious security issue with its call centre partner Wipro in India, where three Wipro employees were duly arrested for stealing Talk Talk customers’ private data and using the information to perform subsequent illegal activities.

The latest issues started in November 2015, with customers of TalkTalk becoming the target of scammers – who were extremely knowledgeable of the customers personal and private details – only days after a home visit from BrightSpark engineers. Apparently, the engineers informed the customers to expect a follow up call, which subsequently happened, but according to the Radio Four Money Box, the call was a scam.

Indeed the scammers, making the call were very convincing, as they knew all the details about the BrightSpark engineers visit, however their real motive was to persuade customers to allow them to have remote access to their computers so they could download malware.

Following on the back of last year’s three breaches of security, the third a huge cyber attack, which possibly could have revealed the private credentials of TalkTalk’s 4 million customers, the ISP is once again looking to damage limitations. TalkTalk said it had informed the Information Commissioners Office (ICO).