TalkTalk confesses: Scammers have data about our engineers' visits to your home
Info exploited, say customers
A number of TalkTalk customers have had their maintenance visit data breached by fraudsters attempting to gain remote access to their computers, it has emerged.
One customer, Chris, told The Register that a week after the cyber attack was reported he experienced some issues with his broadband, so TalkTalk sent an engineer round. "The day after this visit my partner received a call from someone claiming to be from TalkTalk, who knew the engineer's name, and exactly what she and the engineer had discussed the previous day."
The caller – purporting to be from TalkTalk – then told the customer to download TeamViewer software, which was used to try to make a number of money transfers using third-parties' credit card information.
After the customer realised what was happening, he shut down his computer and bought new security software.
He said: "When I challenged TalkTalk to explain how the scam caller knew so many details of our account, the manager suggested the engineer may have passed on our details to a third party. However, TalkTalk refused to agree to contact or otherwise investigate this engineer."
Chris said he left the company at the end of November 2015 following the "dismal" customer service he experienced over the incident.
According to the BBC Radio 4 programme Money Box yesterday, TalkTalk admitted that criminals have had access to information of its third party engineers' visits.
Two customers told the programme they had received calls from scammers who knew details of their recent engineers' visits and account reference numbers. One woman had £300 taken from her PayPal account, which her bank was able to refund.
In a statement TalkTalk admitted to receiving complaints about this happening from a “small number” of customers.
It said the issue has been investigated and reported to the Information Commissioner's Office, and it has not received any more complaints about this since the end of 2015.
A spokesman from TeamViewer got in touch to say the company condemns the use of its software for unauthorized access to private data: "It is important to emphasise that those using TeamViewer to facilitate this illegal activity are not using an exploit within TeamViewer. TeamViewer is not a malicious piece of software, however in this situation TeamViewer has been used for nefarious means. TeamViewer is designed to facilitate collaboration and remote support and the company does not condone the use of its software for any fraudulent activity." The TeamViewer spokesman urged users to be "prudent and vigilant" when using the software: "We advise our users to be extremely careful when they receive unsolicited calls from would-be technicians and such."
Money Box noted that in the last four years, TalkTalk has had to admit to four different breaches of data, two directly from the company itself and two others from partners here and in India. The Register has asked TalkTalk for further comment.
At the end of January, TalkTalk said it was considering cutting ties with its Indian call centre provider after three employees at the site were arrested for allegedly scamming customers.
TalkTalk has reported a loss of £60m related to its major hack in October, attributing the write-off to IT costs and shedding 101,000 customers during its third quarter, according to its latest financial results. ®