TalkTalk hack: Boy, 15, arrested in Northern Ireland over attack - GoFuckYourself.com

Paul Markham · 10-26-2015, 11:41 PM

TalkTalk hack: Boy, 15, arrested in Northern Ireland over attack.

Quote:

A boy of 15 has been arrested and questioned on suspicion of being the mastermind behind the TalkTalk data theft cyber attack.

A team from Scotland Yard?s Cyber Crime Unit joined Police Service of Northern Ireland officers as they raided the teenager?s home in County Antrim. The boy was arrested on suspicion of Computer Misuse Act offences and taken to a nearby police station.

A bright 15 year old or a lot of dumb people protecting valuable date?

j3rkules · 10-27-2015, 02:48 AM

Brilliant....If a boy of 15 can hack this database imagine what full blown terrorist organisation can do.

adultmobile · 10-27-2015, 04:30 AM

Quote:

Originally Posted by jerkules

Brilliant....If a boy of 15 can hack this database imagine what full blown terrorist organisation can do.

SQL injection... come on talk talk

LatinaCamChat · 10-27-2015, 06:11 AM

I was going to say, what the fuck is TalkTalk? Another useless "innovative" phone application to replace Whatsapp, Telegram, Viber, etc, etc, etc, etc, etc, Line (wtf?), etc, etc, etc, etc, etc, etc, just fucking stop it already

But fine, it's an ISP, not a mobile app.

Phoenix · 10-27-2015, 06:26 AM

I don't fuck with you
You little stupid ass bitch I ain't fuckin' with you
You little dumb ass bitch I ain't fuckin' with you
I got a million trillion things I'd rather fuckin' do
Than to be fuckin' with you
Little stupid ass, I don't give a fuck
I don't give a fuck, I don't I don't I don't give a fuck
Bitch I don't give a fuck about you or anything that you do
Don't give a fuck about you or anything that you do

Barry-xlovecam · 10-27-2015, 07:05 AM

I just got a letter from Experian, the largest credit reporting database, telling me that my data stored there with regard to a T-mobile account had been hacked and personally identifying information, including encrypted data with regard to that T-mobile account, may be subject to exploit in the wild now -- possible identity theft.

So, ISPs are not the only ones that are brain dead. Experian was not using securely stored encryption keys obviously if the hackers got at them and decrypted data.

A teenaged hacker broke into the US Pentegon's military database years ago -- age has nothing to do with it. It is all about poorly designed security

Paul Markham · 10-27-2015, 08:14 AM

One would think that there would be an extremely high level of security to such info. Taking everything that isn't essential to the customers away from servers that can be accessed from the outside.

Also why not have this sensitive info only accessible after the person trying to access it has been verified? Phone call, email to the one on file for instance.

Barry-xlovecam · 10-27-2015, 09:24 AM

https://www.owasp.org/index.php/Cryp...ge_Cheat_Sheet
https://www.owasp.org/index.php/Cryp...in_a_key_vault
3 Critical Best Practices for Encryption Key Management on the IBM i

It is a bit more sophisticated than that.

Our encryption keys are under lock and key ( in an undisclosed location -- of course ) with very limited personnel access. No encryption keys are kept on any server for our secured PCI-DSS data. So, unless you access the right place armed and dangerous and with a safecracker you are shit-out-of-luck.

Internet access has nothing to do with it either -- local networks can be breached. So, if any encryption keys are kept on network servers they are vulnerable. The data I refer to above could have only be stolen in a useless encrypted format if the security was handled correctly.

Email, SMS or telephone is mickey mouse feel good security.

My bank uses multiple security authorizations and authentications but they are not PCI-DSS compliant 100% with public facing internet banking -- no bank is that allows DMZ access -- period. So other protocols of secure servlets and and authentications are used to mitigate risk.

10-27-2015, 02:48 AM	#2
j3rkules VIP Industry Role: Join Date: Jul 2013 Posts: 22,111	Brilliant....If a boy of 15 can hack this database imagine what full blown terrorist organisation can do. __________________ How To Build A Porn Site And Make Money \| My Best $$$ Cam Sponsor \| New Webcam Script 3 Top Adult Hosting Providers

10-27-2015, 06:26 AM	#5
Phoenix BACON BACON BACON Industry Role: Join Date: Nov 2002 Location: Poems everybody, the laddie fancies himself a poet Posts: 35,457	I don't fuck with you You little stupid ass bitch I ain't fuckin' with you You little dumb ass bitch I ain't fuckin' with you I got a million trillion things I'd rather fuckin' do Than to be fuckin' with you Little stupid ass, I don't give a fuck I don't give a fuck, I don't I don't I don't give a fuck Bitch I don't give a fuck about you or anything that you do Don't give a fuck about you or anything that you do __________________ Skype Phoenixskype1 Telegram PhoenixBrad https://quantads.io

10-27-2015, 08:14 AM	#7
Paul Markham Too old to care Industry Role: Join Date: Jun 2001 Location: On the sofa, watching TV or doing my jigsaws. Posts: 52,943	One would think that there would be an extremely high level of security to such info. Taking everything that isn't essential to the customers away from servers that can be accessed from the outside. Also why not have this sensitive info only accessible after the person trying to access it has been verified? Phone call, email to the one on file for instance. __________________ Blowout deal. 880 videos, 2,400 image sets, plus many RAW videos. $500. PM me for a deal. Skype Paulmarkham70

10-27-2015, 06:11 AM	#4
LatinaCamChat Confirmed User Industry Role: Join Date: Jul 2015 Posts: 571	I was going to say, what the fuck is TalkTalk? Another useless "innovative" phone application to replace Whatsapp, Telegram, Viber, etc, etc, etc, etc, etc, Line (wtf?), etc, etc, etc, etc, etc, etc, just fucking stop it already But fine, it's an ISP, not a mobile app.

10-27-2015, 07:05 AM	#6
Barry-xlovecam It's 42 Industry Role: Join Date: Jun 2010 Location: Global Posts: 18,083	I just got a letter from Experian, the largest credit reporting database, telling me that my data stored there with regard to a T-mobile account had been hacked and personally identifying information, including encrypted data with regard to that T-mobile account, may be subject to exploit in the wild now -- possible identity theft. So, ISPs are not the only ones that are brain dead. Experian was not using securely stored encryption keys obviously if the hackers got at them and decrypted data. A teenaged hacker broke into the US Pentegon's military database years ago -- age has nothing to do with it. It is all about poorly designed security

10-27-2015, 09:24 AM	#8
Barry-xlovecam It's 42 Industry Role: Join Date: Jun 2010 Location: Global Posts: 18,083	https://www.owasp.org/index.php/Cryp...ge_Cheat_Sheet https://www.owasp.org/index.php/Cryp...in_a_key_vault 3 Critical Best Practices for Encryption Key Management on the IBM i It is a bit more sophisticated than that. Our encryption keys are under lock and key ( in an undisclosed location -- of course ) with very limited personnel access. No encryption keys are kept on any server for our secured PCI-DSS data. So, unless you access the right place armed and dangerous and with a safecracker you are shit-out-of-luck. Internet access has nothing to do with it either -- local networks can be breached. So, if any encryption keys are kept on network servers they are vulnerable. The data I refer to above could have only be stolen in a useless encrypted format if the security was handled correctly. Email, SMS or telephone is mickey mouse feel good security. My bank uses multiple security authorizations and authentications but they are not PCI-DSS compliant 100% with public facing internet banking -- no bank is that allows DMZ access -- period. So other protocols of secure servlets and and authentications are used to mitigate risk.