TalkTalk hit by massive cyber attack

TalkTalk has said it has been affected by the same cyber attack that left Post Office broadband customers without an internet connection.
TalkTalk headquaters in west LondonTalkTalk headquaters in west London
TalkTalk headquaters in west London

The attack used a piece of malware known as the Mirai worm, which is spread via compromised computers and works by taking control of devices running the Linux operating system and using them to knock services offline.

This attack has targeted certain types of broadband routers used by both the Post Office and TalkTalk, damaging their internet connection.

Hide Ad
Hide Ad

A spokesman for TalkTalk said in a statement: "Along with other ISPs in the UK and abroad, we are taking steps to review the potential impacts of the Mirai worm.

"A small number of customer routers have been affected, and we have deployed additional network-level controls to further protect our customers."

It follows news from Germany's Deutsche Telekom earlier this week that up to 900,000 of its customer had lost their internet connection as part of the same incident. No-one has yet claimed responsibility for the attack.

Earlier, a spokeswoman for the Post Office said the issue had begun for their customers on Sunday but that no personal data from users was at risk.

Hide Ad
Hide Ad

"Post Office can confirm that on November 27 a third party disrupted the services of its broadband customers, which impacted certain types of routers," they said in a statement.

"Although this did result in service problems we would like to reassure customers that no personal data or devices have been compromised.

"We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers.

"We would like to apologise to any customers who have been experiencing issues with their Post Office broadband service. For those customers who are still having problems we are advising them to reboot their router."

Hide Ad
Hide Ad

A similar attack on the US-based Dyn web domain provider in October knocked a host of prominent websites offline, including Spotify, Twitter and Reddit.

Security experts have suggested the aim of the attack may have been to simply cause disruption.

Jonathan Sander, from security firm Lieberman Software, said: "When the modified Mirai attack hit Deutsche Telekom over the weekend, many guessed that the fact that it simply shut down the devices it hit was a mistake by the bad guys trying to steal data.

"Now that Post Office routers are falling victim to the same type of attack shutting them down, it begs the question if the shutdown is the goal.

"Most cyber crime is about money. But every now and then there are bad guys who just want to watch the world burn."