To be honest we don't know how clever.

DDOS is very easy and anyone can do it as all you need is a little bit of cash to rent a botnet.

As far as the hack itself we don't know how significant it was. And if the TalkTalk security was lax allowing for a simple SQL injection then it may not have taken much effort to do.

He could just be a script kiddie using simple well publicised exploits. It may have been more than that but at this point I am suspecting it was poor security more than genius hacking.

Or he might have pretended it was him in order to make the ransom demand.

I blame school holidays.

What makes me laugh is this

The company said it did not know how much of their customer information had been encrypted.

TT should know exactly how much of the customer information is encrypted.

But yeah, SQL Injection is an evil thing LOL.

Paul

Or more correctly the non-technical chief executive said she didn't know. This is either because she has technical staff that she employs to do it or it is plausible deniability. She doesn't need to know but she does need to ensure her employees are suitably qualified so that they do know.

Prior to go on-air, she should have been fully briefed and if not included asked that question herself.

But that would remove plausible deniability. They may have considered it was better not to have the answer as saying you didn't know is better than saying you don't encrypt anything.

To me it suggest incompetence from the top down. Her advisers will have known the questions likely to come up, they should have asked them internally. Plus, there had been nearly two days from when it occurred until when the news broke. Had it been an hour then I could accept her lack of knowledge - but not with the length of time she had to prepare.

Why do you think it is ok to say 'paddy hack'? if it was a Pakistani kid would you post.... well? Wise up

Also you are aware that N.Ireland is part of the UK and not Ireland?....