TalkTalk Hacked – Centralized Solutions and Unencrypted Customer Data
Theft of credit card information is nothing new under the sun, as these types of data breaches occur on a regular basis in this day and age. British provider TalkTalk is the latest company on a growing list of companies who suffered an attack by hackers. Customer data has, most likely, been obtained, which could include credit card details.
TalkTalk Breached By Hackers
Popular systems are always a high-value target for hackers, and they will stop at nothing to find and exploit security weaknesses. That being said, there is a major difference between hacking a website and obtaining sensitive customer data. In the case of TalkTalk, the latter scenario happened, and things are not looking good.
An investigation into the matter is underway, as the Metropolitan Police Cyber Crime Unit is on the case as we speak. TalkTalk’s servers were breached yesterday, following a denial-of-service attack against the web frontend. Not too many details regarding the breach are known at this point, other than what TalkTalk has stated themselves.
According to the latest information, sensitive customer data may have been leaked. To make matters even worse, not all of this sensitive information was properly encrypted by the British provider. In this day and age, not encrypting any data is unacceptable, and reflects badly on companies neglecting to take proper security precautions.
Among the information that may [not be] compromised during the breach are customer names, addresses, bank details, date of birth, and even credit card information. It remains unclear as to which portion of these details were encrypted and which were not. That being said, if TalkTalk admits these details “might” have been leaked, it is highly likely this is exactly what happened.
The number of affected TalkTalk customers is unknown at this time. Keeping in mind this provider serves 4 million customers in the United Kingdom, the ramifications could be severe. BBC has mentioned how several British companies have been facing DDoS attack yesterday, and TalkTalk might not be the only ones affected by a data breach.
Using Decentralized Solutions To Fight DDoS And Other Attacks
Denial-of-service attacks are a real plague on the Internet, as they can cause a website to slow down or become inaccessible for extended periods of time. Despite company’s best efforts, a successful DDoS attack can only be pulled off if there is a centralized [group of] server[s] involved.
Unfortunately for the business world, nearly every company is existence uses centralized databases, which create a point of failure. If hackers attack that point of failure, it is usually only a matter of time until the services are breached, and customer details get leaked. Especially where financial information is concerned, centralized solutions are never the answer.
Stepping up cyber security is a key point of focus all around the world. However, most companies are willing to put off any major changes until it is too late. Decentralized solutions, perhaps even based on blockchain technology, remove the central point of failure from the equation.
What are your thoughts on the TalkTalk breach? Are you an affected customer? Let us know in the comments below!
Images courtesy of TalkTalk, Shutterstock