Search This Blog

Powered by Blogger.

Blog Archive

Labels

Talk-Talk does not urge customers to change passwords


TalkTalk has been vastly criticised for the handling of a wi-fi password breach by several cyber-security experts.

The cyber attack, which left some Post Office and TalkTalk customers without internet for days last week, also involved up to 57,000 of TalkTalk’s customers having their Wi-Fi passwords stolen. Tens of thousands of TalkTalk customers are at risk of having had their passwords stolen after it was revealed that a hack against the company's broadband routers was more severe than initially thought.

The BBC has presented the company with evidence that many of its customers' router credentials have been hacked, putting them at risk of data theft. The UK broadband provider confirmed that the sample of stolen router IDs it had been shown was real.

Computer security experts were astounded by TalkTalk's lack of concern over its customers' passwords being at risk.

Talk Talk has been advising users that there is no need to change their router's settings.

However, Talk Talk’s PR department tried to cover up the negative media coverage.

A spokeswoman for TalkTalk said that customers could change their settings "if they wish" but added that she believed there was "no risk to their personal information".

Ken Munro, a security researcher at Pen Test Partners, said passwords could have been stolen from the faulty routers, which could give cyber criminals access to all of the information on customers' home networks, including further passwords and financial details. Munro also added that if the hacker has access to the password key, they can even see all the traffic on the home network, including social media accounts and other passwords.

The risk to TalkTalk's subscribers was first flagged over the weekend by cyber-security researchers at Pen Test Partners who warned that a variant of the Mirai worm was exploiting a vulnerability to force TalkTalk routers to reveal their Wi-Fi passwords but the UK broadband provider played down the discovery saying it was making ‘good progress to protect its routers.

The company’s site has posted up instructions on how to change the wireless name and password on your Talk Talk router but before doing so, it is best recommended to reset your router by pressing a small reset button at the back with a paperclip to force the device to download a new version of its firmware.

It is high time the telecommunications company start caring about its users’ security.
Share it: