TalkTalk, a UK internet and pay TV services provider, has launched a probe into a possible data breach after threat actor "b0nd" claimed to exfiltrate information belonging to 19 million current and former customers of the telecommunications firm, including their names, email and IP addresses, subscriber PINs, and phone numbers, The Register reports.
Such data compromise may have been achieved through an intrusion against a third-party supplier, which did not have any access to billing or financial details, according to TalkTalk Head of External Communications Liz Holloway, who did not name the supplier and noted that the incident could not be confirmed until the external vendor's investigation is finalized. TalkTalk has also refuted the alleged impact of the breach, with The Register noting that the firm has only amassed 2.4 million customers since its launch more than two decades ago. "Our investigations are ongoing, however, we can confirm that the number of potential customers referred to in certain online posts is wholly inaccurate and very significantly overstated," said TalkTalk.