Information Commissioner's Office
Printable version

TalkTalk cyber attack – how the ICO’s investigation unfolded

A cyber attack exploits vulnerabilities in three webpages which are operated by TalkTalk following its 2009 acquisition of the UK operations of Tiscali. The exploitation of this vulnerability allows access to an underlying database holding customers’ personal data including names, addresses, dates of birth, phone numbers, email addresses and financial information.

TalkTalk website down

21 October 2015

The website attack was identified shortly after midday on 21 October

TalkTalk becomes aware of the attack following internal reports of its network operating more slowly than normal. The attack type - SQL injection - was identified shortly after midday on 21 October, and around an hour later TalkTalk removed its websites and replaced them with a holding page.

ICO told about attack

22 October 2015

TalkTalk reports a potential data breach to the ICO. The ICO acts quickly and commences a preliminary investigation to look into the details of the incident.  The ICO writes to TalkTalk and asks them to provide more information about the incident.

Click here for full press release


Channel website:

Share this article

Latest News from
Information Commissioner's Office