Data Breaches

TalkTalk Confirms Data Breach, Downplays Impact

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

UK telecommunications firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about the incident on a cybercrime forum.

The incident, the company told SecurityWeek in an emailed statement, involved a third-party platform and triggered immediate containment measures.

“As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one of our third-party supplier’s systems,” a TalkTalk spokesperson said.

The telecom provider said it was working with the third-party supplier to resolve the issue, but would not share further information, citing its ongoing investigation into the incident.

The data breach came to light after a threat actor using the name ‘b0nd’ announced on a hacker forum they were offering for sale the information of over 18.8 million TalkTalk customers, which was allegedly obtained this month.

According to the threat actor’s post, the exfiltrated information includes names, email addresses, phone numbers, IP addresses, and other information.

Advertisement. Scroll to continue reading.

“Our investigations are ongoing, however we can confirm that the number of potential customers referred to in certain online posts is wholly inaccurate and very significantly overstated,” TalkTalk told SecurityWeek.

Given that TalkTalk has roughly 2.4 million customers, the 18.8 million number the threat actor was referencing was likely referring to the number of records they might have stolen.

TalkTalk did not name the third-party supplier that was involved in the incident, but it appears that the information might have been stolen from CSG’s Ascendon platform, given the screenshots shared by b0nd on the cybercrime forum and CSG disclosing a cyber incident over the weekend.

Responding to a SecurityWeek inquiry, a CSG spokesperson confirmed unauthorized access to “a single provider’s data residing on a CSG platform” and said that the company has no evidence that its systems were compromised “or that CSG was the cause of the unexpected access to the data”.

It appears that compromised login credentials might have been used to access TalkTalk’s data, but it is unclear how many individuals might be affected, as the CSG managed platform was not used to manage all TalkTalk customers.

TalkTalk previously suffered a significant data breach back in 2015. Two individuals were sentenced to prison in 2018 for that attack. 

Related: Millions Impacted by PowerSchool Data Breach

Related: HPE Investigating Breach Claims After Hacker Offers to Sell Data

Related: Venture Capital Giant Sequoia Targeted in BEC Attack

Related: Conduent Confirms Cyberattack After Government Agencies Report Outages

Related Content

Data Breaches

The WorldLeaks extortion group claimed to have stolen 720 GB of data from the healthcare testing and laboratory services provider.

Data Breaches

Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs.

Data Breaches

Hackers accessed the institution’s internal network and deleted two drives containing employee, student, and university data.

Data Breaches

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version