UK ISP TalkTalk investigating claims of potential data breach caused by third party supplier

UK internet service provider TalkTalk is investigating claims of a potential data breach that allegedly occurred through a third-party supplier system in December 2024. The breach was claimed on a cybercrime forum with a hacker claiming a significant data leak from the company.

The forum posts claim 18.8 million current and former customers were affected, a figure that TalkTalk strongly disputes as "wholly inaccurate and very significantly overstated." TalkTalk's current customer base stands at approximately 3.6 million across their residential, business, and wholesale services combined.

The breach allegations suggest exposure of personal data including

• Subscriber PINs
• First and last names
• Email addresses
• Last account access information
• IP addresses
• Business phone numbers
• Home phone numbers

TalkTalk claims that no financial or billing information was stored on the compromised system. The number of affected individuals is not disclosed by TalkTalk.

TalkTalk's official response acknowledges the detection of "unexpected access to, and misuse of, one of our third-party supplier's systems." The company's security incident response team has implemented containment measures and is working closely with the affected supplier.

Update - As of 27th of January 2025, the leaked images indicate that the incident was caused by a breach in the  CSG's Ascendon platform used by TalkTalk. CSG confirmed on January 21, 2025 that unauthorized access affected a single provider's data.