HQ/EMEAFind out how we can help your business
UK telecommunications provider TalkTalk is facing another data security concern after a third-party supplier system was allegedly compromised, leading to customer information being offered for sale on a hacking forum.
A threat actor, using the alias “b0nd,” recently claimed responsibility for the breach, asserting that data belonging to over 18.8 million current and former TalkTalk customers was stolen in January 2025. The hacker also shared a sample of the alleged data, which includes sensitive details such as customer names, email addresses, IP addresses, and contact numbers.
TalkTalk has clarified details about the incident.
The telecom firm has strongly disputed these claims, emphasising that the number of affected customers has been “wholly inaccurate and very significantly overstated.” Additionally, the company reassured customers that no financial or billing information was stored on the compromised system.
In a statement, TalkTalk said: “Our Security Incident Response team is working closely with the supplier to investigate this matter, and protective containment measures were implemented immediately.”
While the hacker alleged that the breach directly involved TalkTalk’s systems, further investigation suggests otherwise. Screenshots shared by the threat actor indicate the data was accessed from CSG Ascendon, a subscription management platform historically used by TalkTalk.
CSG, the platform provider, has since confirmed that an external party gained unauthorised access to a single provider’s data on their system. However, they have denied any breach of their infrastructure, asserting that their technologies were not compromised.
“On 21 January 2025, we became aware of unauthorised access to a customer’s data stored on our platform. Immediate containment steps were taken, and we are actively supporting our customer in addressing this issue,” CSG stated.
The news of this potential breach has revived memories of TalkTalk’s 2015 cyber incident, which exposed the personal details of over 150,000 customers and resulted in a £400,000 fine by the UK Information Commissioner’s Office.
As investigations continue, questions remain over how the hacker gained access. It is unclear whether compromised credentials played a role in the incident, and researchers are awaiting further updates from TalkTalk.
The telecommunications company has yet to confirm the full scope of the breach or validate the hacker’s claims. However, customers have been assured that security measures were promptly strengthened to safeguard their data.
This latest incident features the ongoing risks businesses face from third-party system vulnerabilities, highlighting the importance of effective cybersecurity measures across all partners and suppliers.
