UK telecoms firm gets ransom demand after being hacked

LONDON — Phone and Internet service provider Talk Talk said Friday that it has received a ransom demand after a “significant and sustained” cyberattack that may have compromised customers’ credit card and banking details.

Chief Executive Dido Harding said the company did not know how much data was stolen in the attack on Talk Talk’s website, but it was operating on a worst-case scenario in which “all of our customers’ personal financial information has been accessed.”

She said she had “received a contact from someone purporting … to be the hacker, looking for money.”

Harding said she did not know whether the demand was genuine, or whether information on the company’s 4 million customers had been encrypted.

London’s Metropolitan Police said its cybercrime unit was investigating “an allegation of data theft from a telecommunications website” reported on Wednesday.

Talk Talk has acknowledged that it realized it was under attack on Wednesday. It has been criticized for not telling customers for more than a day.

It is the third known cyberattack in a year on Talk Talk, which provides mobile phone, broadband Internet and pay television services.

Shares in the company plunged more than 10 percent before recovering to close 4.4 percent lower at 256.8 pence ($3.94) on the London Stock Exchange