Scam victim sues TalkTalk

Scam victim sues TalkTalk

The Mirror reports on Michael Robinson, who is taking British broadband provider TalkTalk to court after they were hacked and he suffered at the hands of scammers:

Mr Robinson, of Whitburn, near Edinburgh, who is claiming “substantial” compensation said: “We have suffered mentally.”

He says the crooks also got hold of his wife’s details and photos of his children.

Sign up to our free newsletter.
Security news, advice, and tips.

His bank refunded £257 after a conman called, saying he was from TalkTalk.

TalkTalk said: “Scammers only had minimal, inconsequential information.”

Minimal? Inconsequential? Hmm. Personally, I think minimal information would have been zero.

The scammers exploited information about TalkTalk customers (including names, dates of birth, address, email address, phone numbers, full bank account numbers and sort codes) seemingly stolen through an elementary SQL injection attack on the TalkTalk website.

In the hands of a criminal such information can easily be used in a scam telephone call to trick the unwary into believing they are talking to a member of TalkTalk staff.

TalkTalk, however, only offered to waive affected customers’ termination fees if victims could show that they had lost money as a direct result of the information above being stolen, not as a consequence of a subsequent scam phone call using the sensitive data.

TalkTalk would be wise to consider that trust takes years to build, seconds to lose, and a lifetime to regain (if you’re lucky).

Every one of those scammed customers will never use TalkTalk again, will tell all of their friends and family never to use TalkTalk, and some may even – like Michael Robinson – be tempted to seek financial redress through the courts.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

4 comments on “Scam victim sues TalkTalk”

  1. Techno

    Recently, I started getting faked email header bouncers and I received scam phone calls and text messages by people who knew too much about me. I realised in the end how this had happened:

    1. I used to be a customer of Virgin Media.
    2. When I left some of my Virgin Media email accounts weren't deactivated.
    3. These still active email accounts, along with my financial details, were transferred to TalkTalk last year as part of Virgin's divestment of its telephone line customers (Virgin National).
    4. TalkTalk got hacked.

    So I suffered from the TalkTalk breach even though I have never been a customer of TalkTalk.

  2. Lee Grant

    I run a computer shop and dealing with customers that receive 'dodgy' phone calls is almost a daily occurrence – the amount of Talk Talk customers contacted far outweighs the others.

  3. Easton Wilson

    I was a victim of a talk talk scam to the amount not £3866.00 which was taken from account I won't go into detail but it safe to say that I and my family have suffered both mentally and financially because of the scam. Its in the hand of the financial ombudsman who are looking into the case. I fear I will not get my money back, but if anyone can suggest what I could do next it would be much appreciated.

    Regards

    Easton Wilson

  4. Ex TalkTalk Customer

    I was a victim of a very sophisticated TalkTalk Scam. Luckily I missed being defrauded of £11,000 by a matter of seconds. TalkTalk do not appear to care – they said it was my fault and showed no interest in how the scam was carried out.

    It's a bit like TalkTalk giving out one's name and address and account details to a thug in the street. So when the thug knocks on one's door, calls you by your name, and say they are from a trusted company, its your fault if you open the door and get punched in the face. Ver

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.