INSUBCONTINENT EXCLUSIVE:
TalkTalk failed to inform 4,545 customers their personal information, including bank account details, were stolen as part of the 2015 data
breach.Viewers contacted TheIndianSubcontinent Watchdog Live about concerns that their details had been breached by TalkTalk.But the company
had told them that their details were not compromised
"The customer data referred to by TheIndianSubcontinent Watchdog relates to the historical October 2015 data breach
It is not a new incident," the firm said.The TheIndianSubcontinent consumer show investigated and found the personal details of
approximately 4,500 customers available online after a Google search
The details included full names, addresses, email addresses, dates of birth, TalkTalk customer numbers, mobile numbers and bank details for
thousands of customers.The information is likely to have been online since the breach, without the knowledge of the people affected
The 2015 attack saw personal details of nearly 157,000 customers accessed, including bank account numbers and sort codes of over 15,000
The Information Commissioner's Office (ICO) conducted an investigation into the breach, finding multiple failings in TalkTalk's security
When presented with the findings of the TheIndianSubcontinent investigation, TalkTalk said it was a genuine error and that it has since
written to all impacted customers to apologise."The 2015 incident impacted 4% of TalkTalk customers and at the time, we wrote to all those
impacted," the company said in a statement."In addition, we wrote to our entire base to inform them about the breach, advise them about the
risk of scam calls and offer free credit monitoring to protect against fraud
"A recent investigation has shown that 4,545 customers may have received the wrong notification regarding this incident
This was a genuine error and we have since written to all those impacted to apologise
99.9% of customers received the correct notification in 2015
"On their own, none of the details accessed in the 2015 incident could lead to any direct financial loss." 'Extremely uncomfortable'For the
last two years Alan, not his real name, has had his phone, email and bank account bombarded with a series of fraudulent attacks
Whilst Alan will never know if the attacks were a direct result of the TalkTalk data breach, he feels the details leaked are enough to allow
fraudsters to impersonate him.Image copyrightGetty ImagesImage caption
The data breach announcement made to customers on
the TalkTalk website in October 2015
Alan said he felt "extremely uncomfortable" after Watchdog Live showed him that they
were able to find his bank account number, sort code and other personal information online
"I think they've failed their customers on a gigantic scale," he added.Watchdog Live also spoke to Maureen, not her real name, who was
shocked to discover that her details were breached in 2015
At the time, Maureen was told by TalkTalk that her details had not been stolen
Maureen has been in touch with TalkTalk on multiple occasions, most recently in May of this year, to raise concerns that her details had
But TalkTalk continued to insist that they hadn't
Watchdog Live's investigation found Maureen's sensitive data through a simple online search
Maureen told the programme: "I've been asking this question since 2015
I'm suffering now for something that I know nothing, absolutely nothing, about
"I knew something was not right and I kept insisting and they avoided every single time I asked the question 'have my details been
compromised'"Fraud attempts"If the data has come from TalkTalk then obviously we need to go and revisit all of these people who've been told
that they weren't exposed and look at what they can do to rectify the harm," online security expert Scott Helme told the programme."We're
never going to completely erase this data, but what we can do is try to reduce the impact of having lost the data."Image copyrightGetty
ImagesImage caption
Personal details can be used by criminals to commit identity theft and fraud
Watchdog Live spoke to multiple people who were affected by the TalkTalk data breach.They said they had been subject to frequent scam calls,
and in some cases attempted fraud and identity theft, impacting their credit rating
These people may never know if their experiences were a direct result of TalkTalk's data breach, or if their details could have been
Using the information Watchdog found, a fraudster could sign up for services, set up direct debits and purchase goods on their victim's
behalf, said Mr Helme.He added that a scammer could also use this information to pretend to be the victim's bank, in order to gain other
