Kitz Forum

Broadband Related => ISPs => Topic started by: GigabitEthernet on March 08, 2021, 05:04:16 PM

Title: Possible TalkTalk security issue
Post by: GigabitEthernet on March 08, 2021, 05:04:16 PM: I've recently become a TalkTalk customer, I am due to go live shortly.

I've just logged into my account and I am able to see the details of somebody else, including their name, address and telephone number.

This is surely extremely concerning and must violate some kind of privacy law?
Title: Re: Possible TalkTalk security issue
Post by: burakkucat on March 08, 2021, 06:00:47 PM: Quote from: GigabitEthernet on March 08, 2021, 05:04:16 PM
This is surely extremely concerning and must violate some kind of privacy law?

I'm sure it does. :o And, I suspect, the ICO (https://ico.org.uk/) would be very interested to know the full details of your discovery.
Title: Re: Possible TalkTalk security issue
Post by: GigabitEthernet on March 08, 2021, 10:11:25 PM: Quote from: burakkucat on March 08, 2021, 06:00:47 PM
I'm sure it does. :o And, I suspect, the ICO (https://ico.org.uk/) would be very interested to know the full details of your discovery.

Case raised to the ICO. The social media team were not interested in the slightest and seemed to think it was normal before an account was activated. Obviously it isn't but it didn't stop them repeating it like a robot.
Title: Re: Possible TalkTalk security issue
Post by: Alex Atkin UK on March 09, 2021, 12:43:02 AM: Just, wow!
Title: Re: Possible TalkTalk security issue
Post by: Weaver on March 09, 2021, 12:49:21 AM: Wow indeed! :(
Title: Re: Possible TalkTalk security issue
Post by: tubaman on March 09, 2021, 08:27:14 AM: Quote from: GigabitEthernet on March 08, 2021, 10:11:25 PM
... The social media team were not interested in the slightest and seemed to think it was normal before an account was activated. ...
What planet are they living on! :no:
Title: Re: Possible TalkTalk security issue
Post by: broadstairs on March 09, 2021, 09:43:21 AM: Sadly they do not have a good record on security :o I suspect they are not the only ones :-X

Stuart
Title: Re: Possible TalkTalk security issue
Post by: meritez on March 09, 2021, 10:18:49 AM: Do they use 2FA yet, as in two factor authentication?
Title: Re: Possible TalkTalk security issue
Post by: broadstairs on March 09, 2021, 10:51:39 AM: Quote from: meritez on March 09, 2021, 10:18:49 AM
Do they use 2FA yet, as in two factor authentication?

Not that I'm aware of and 2fa can be a real PITA.

I suspect this problem happens because they do not delete account detail before reusing them for a new account.

Stuart
Title: Re: Possible TalkTalk security issue
Post by: 4candles on March 09, 2021, 05:23:04 PM: Maybe Dido can explain? ;)
Title: Re: Possible TalkTalk security issue
Post by: burakkucat on March 09, 2021, 05:31:09 PM: Quote from: 4candles on March 09, 2021, 05:23:04 PM
Maybe Dido can explain? ;)

Please don't distract Baroness Diana Harding (https://en.wikipedia.org/wiki/Dido_Harding) from her current "good works". ::)
Title: Re: Possible TalkTalk security issue
Post by: 4candles on March 09, 2021, 05:32:46 PM: ;D
Title: Re: Possible TalkTalk security issue
Post by: Alex Atkin UK on March 09, 2021, 05:53:12 PM: Quote from: broadstairs on March 09, 2021, 10:51:39 AM
Not that I'm aware of and 2fa can be a real PITA.

I suspect this problem happens because they do not delete account detail before reusing them for a new account.

Stuart

Why would you EVER reuse an old account?

I couldn't even sign up to Plusnet with my old username because they kept the details (potentially in breach of data protection) and I hadn't been a customer in 20+ years.
Title: Re: Possible TalkTalk security issue
Post by: bob.gas on April 13, 2021, 06:49:36 PM: Quote from: burakkucat on March 08, 2021, 06:00:47 PM
I'm sure it does. :o And, I suspect, the ICO (https://ico.org.uk/) would be very interested to know the full details of your discovery.

I suppose it's not a false address to show one what to enter ( so to speak)?