TalkTalk once told GCHQ: Cyberattack? We'd act fast – to get sport streams back up

National Cyber Crime Unit spills on pre-2015 megahack convo

By Kat Hall

Posted in Security, 27th September 2017 12:16 GMT

Updated: Prior to its disastrous 2015 mega hack, UK ISP TalkTalk had told British spies at GCHQ that should an attack occur, its main focus would be to restore "online sports streaming", according to the head of operations at the country's National Cyber Crime Unit.

Speaking at the Cyber Security in Healthcare event at the UK Health Show in London, Mike Hullett said all the major telcos had been surveyed by the spooks prior to the hack that affected 157,000 TalkTalk customers' personal details.

"They were all asked what they would need to stand up after an attack," he said. TalkTalk's answer was its live sports streaming, as it was most concerned about being able to maintain a competitive advantage against BT. "That is a company with its priorities wrong."

It transpired that just before the hack, the company had been advertising for an information security officer.

Former boss Dido Harding later told MPs there was no specific line manager for cybersecurity, as the responsibility cuts across multiple roles in the company.

The company estimated the attack cost it £42m. Since then it said it has "substantially" increased its investment in cybersecurity, and has appointed a chief information security officer.

Hullett said he did not have the data to hand as to how other companies responded to GCHQ, but said it was important to add that TalkTalk was still a victim.

"The other point to make is that if an attack against a big high-profile company happens [people think] it must be high-end actors in place, but that is not necessarily the case."

Earlier this year, Matthew Hanley, 22, and Connor Douglass Allsopp, 20, both from Tamworth, pleaded guilty to the 2015 attack.

Allsopp admitted to police that he had supplied details on the vulnerabilities in TalkTalk's website that were exploited to get to the customer records.

The Register has asked TalkTalk for a comment. ®

Updated to add

A spokesperson for TalkTalk has been in touch to say:

We do not recognise these comments. Our biggest security priority has always been protecting our customers.
