Breaking News Emails
British broadband provider TalkTalk said on Friday it had received a ransom demand from an unidentified party claiming responsibility for a cyber attack that could have led to the theft of personal data from its more than 4 million customers.
The data could include credit card and bank details, and if the theft is confirmed by a police investigation it would be one of Britain's biggest online security breaches.
"We have been contacted by, I don't know whether it is an individual or a group, purporting to be the hacker," TalkTalk CEO Dido Harding told the BBC, without giving details.
Jens Monrad, a Copenhagen-based security expert for U.S. cyber defense firm FireEye, also told Reuters that samples of financial data which appeared to come from TalkTalk customers had been spotted for sale in cybercriminal forums on the so-called dark web.
A TalkTalk spokeswoman declined to comment, citing the ongoing police investigation.
The attack is potentially one of the largest and most damaging to hit a British company, and follows dozens of high-profile cases targeting retailers and banks in North America.
The details of millions of customers of infidelity website Ashley Madison were leaked in August after a massive cyber assault, while Sony Corp's film studios were hit last year.