TalkTalk once told GCHQ: Cyberattack? We'd act fast – to get sport streams back up

National Cyber Crime Unit spills on pre-2015 megahack convo

By Kat Hall

Posted in Security, 27th September 2017 12:16 GMT

Prior to its disastrous 2015 mega hack, UK ISP TalkTalk had told British spies at GCHQ that should an attack occur, its main focus would be to restore "online sports streaming", according to the head of operations at the country's National Cyber Crime Unit.

Speaking at the Cyber Security in Healthcare event at the UK Health Show in London, Mike Hullett said all the major telcos had been surveyed by the spooks prior to the hack that affected 157,000 TalkTalk customers' personal details.

"They were all asked what they would need to stand up after an attack," he said. TalkTalk's answer was its live sports streaming, as it was most concerned about being able to maintain a competitive advantage against BT. "That is a company with its priorities wrong."

It transpired that just before the hack, the company had been advertising for an information security officer.

Former boss Dido Harding later told MPs there was no specific line manager for cybersecurity, as the responsibility cuts across multiple roles in the company.

The company estimated the attack cost it £42m. Since then it said it has "substantially" increased its investment in cybersecurity, and has appointed a chief information security officer.

Hullett said he did not have the data to hand as to how other companies responded to GCHQ, but said it was important to add that TalkTalk was still a victim.

"The other point to make is that if an attack against a big high-profile company happens [people think] it must be high-end actors in place, but that is not necessarily the case."

Earlier this year, Matthew Hanley, 22, and Connor Douglass Allsopp, 20, both from Tamworth, pleaded guilty to the 2015 attack.

Allsopp admitted to police that he had supplied details on the vulnerabilities in TalkTalk's website that were exploited to get to the customer records.

The Register has asked TalkTalk for a comment. ®

Updated to add

A spokesperson for TalkTalk has been in touch to say:

"We do not recognise these comments. Our biggest security priority has always been protecting our customers."
