Someone, in the now extensively updated BBC article, has mentioned that it is Get Safe Online Week!
Quite funny.

BBC reporting it was Russia-based Islamic jihadist who stole the data and although unconfirmed have posted the data online.

I wouldn't rule out Putin at this stage, if the attack originated from Russia.

In reply to a post by MrSaffron:

one way encryption

The correct term for this is hashing. Encryption is the securing of data so it can be recovered and not easily read by anyone else except the intended recipient(s). Hashing destroys the data, and is only useful for some form or data verification. Encryption does not destroy it.

Edited by deleted (Fri 23-Oct-15 12:23:19)

Yes I agree if there was a file sitting on a file system, like an Access database or something which the hackers simply downloaded via FTP then it is essential that is encrypted. If however the database was accessed via some internal system which decrypted the data in order to read it, having an encrypted database makes no difference.

It's one of those details which the public are never told about during incidents like this.

In view that Talk Talk customers details have been compromised wouldn�t it be prudent for those customers to change their email address and ask their bank/credit card companies to issue them with replacement cards, change their security question and passwords immediately to secure their accounts? Their name, date of birth, address and telephone number are not as risky as the rest of their as their bank/credit card details except that they can be used for identity theft. If I were an affected customer I would certainly would have contacted my bank/credit card companies and changed my details immediately.

Which is pretty much the advice floating around

Changing bank card is pointless. A DD is setup with am account number. Changing card wont change the account number

The BBC video report, where the CEO was being interviewed, stated that they would be offering 1 years free credit reporting (with Experian or what not) as part of some compensation and mitigation to the data breach. Hats off, because I actually think that's pretty decent of them and about the only thing they can possibly offer given the severity of the data breach, and how information could be used for identify theft.

A couple of questions:

Is there a way to knowing which ISPs secure your personal details better?

Are budget ISPs more prone to hacking due to lack of continued investment in security?