
How an outdated database led to a data breach: Unpicking the TalkTalk cyber attack

What led to the TalkTalk data breach that’s estimated to have cost around £30 million in damages?

Dissecting the hack that caused over 150,000 customers to be affected

They’re one of the leading telecoms and mobile network providers in the UK, yet in 2015 TalkTalk’s failure to update basic security measures led to a disastrous cyber attack.

Over 150,000 customers were affected when their systems were attacked, and personal details and banking information were exposed.

Let’s take a closer look at what happened and how we can prevent attacks like this in the future!

What happened?

On 21 October 2015, the TalkTalk network was operating at a much slower rate than usual, causing alarm among the company and its customers.

While they assessed the situation and attempted to get services back up and running, 150,000 private customer details were being stolen!

An investigation followed, and a SQL injection cyber attack was identified.

A thorough investigation and technical review was carried out by the ICO (Information Commissioner’s Office). This revealed that over 150,000 private data records were stolen, and over 15,000 bank details, including account numbers and sort codes, were lost.

How could this happen?

TalkTalk took over Italian telecommunications company Tiscali in 2009, whose web pages used a very old way of communicating with the database. The database itself was not at fault; the way the code talked to it was.

This flaw meant cyber criminals could compromise the database using a simple SQL injection. In fact, these old web pages had already been attacked twice that year!

Investigations found that TalkTalk had failed to update Tiscali’s web pages, which left them open to the SQL injection attack. By entering SQL commands that interfered with the back-end database, cyber criminals could steal the data of every customer record held in it.
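As an added illustration (not code from the original post, and not TalkTalk’s or Tiscali’s own code), here are the two ways application code can talk to a database, run against a constructed SQLite table: the legacy string-splicing style the post describes, beside the parameterised form that prevents the query’s structure from being altered by user input.

```python
import sqlite3

# Constructed sample rows standing in for a customer table; not a real schema.
CUSTOMERS = [
    ("alice@example.com", "Alice", "11-22-33", "12345678"),
    ("bob@example.com", "Bob", "44-55-66", "87654321"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customer (email TEXT, name TEXT, sort_code TEXT, account_no TEXT)"
    )
    conn.executemany("INSERT INTO customer VALUES (?, ?, ?, ?)", CUSTOMERS)
    return conn


def lookup_vulnerable(conn, email):
    """Legacy pattern: the user-supplied value is spliced into the SQL text itself."""
    sql = "SELECT name, sort_code, account_no FROM customer WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterised(conn, email):
    """Fixed pattern: the driver binds the value separately from the SQL text."""
    sql = "SELECT name, sort_code, account_no FROM customer WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def demo():
    """Run both lookups with an ordinary email and with a tautology-style input."""
    conn = make_db()
    normal = "alice@example.com"
    tautology = "x' OR '1'='1"  # constructed input that closes the quote and adds a true clause
    return {
        "vulnerable_normal": lookup_vulnerable(conn, normal),
        "vulnerable_tautology": lookup_vulnerable(conn, tautology),  # returns every row
        "safe_normal": lookup_parameterised(conn, normal),
        "safe_tautology": lookup_parameterised(conn, tautology),  # no such email: empty
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The parameterised version is the fix the ICO’s findings point to: the database receives the query shape and the value as separate things, so no input can widen a single-customer lookup into a dump of the whole table.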

The ICO also found that the outdated software was affected by a bug that had been known for many years, which allowed hackers to bypass the access restrictions in place on the database. This bug had not been resolved, even though a patch was readily available.

The ICO fined TalkTalk £400k for the oversight, but the overall cost to TalkTalk is estimated to be much higher, between £30 million and £35 million.

What would be the role of a cyber security professional in this incident?

A Security Software Developer is responsible for building applications and integrating security software that minimises security weaknesses in applications. Their goal is to stop hackers from exploiting an organisation’s data or systems due to outdated code.

As well as designing secure software solutions for a company, this role requires ongoing maintenance and updates to existing systems, something that would have been crucial in the TalkTalk incident!

What can we learn from it?

The TalkTalk cyber attack highlights the importance of keeping up with the latest software advances. This doesn’t just mean for large businesses. Every person is responsible for keeping their devices up to date with the latest software.

When you upgrade your system, you don’t only gain access to new features; you also protect your system with the most up-to-date security fixes.

With over 150,000 customers trusting TalkTalk with their private data, monitoring for vulnerabilities and upgrading software frequently was an essential cyber security requirement.

In a world of ever-evolving technology, cyber threats are constantly changing, and hacking software systems can often be alarmingly simple when weaknesses are left unresolved.

Want to read more real life cyber attack stories like this? Check out our post on the Disney+ launch day cyber attack!

Whether you want to be at the forefront of a digital investigation or improve your digital skills to be aware of sophisticated attacks just like this, CyberStart can help you progress with free online learning games and challenges!
