Hackers Claim Breach of British Telecom Provider TalkTalk
British internet and TV provider TalkTalk is investigating a potential data leak after a hacker using the alias “b0nd” began selling what they claim are stolen TalkTalk customer records on a hacker forum. The alleged breach reportedly took place in January 2025 and, according to the hacker, affects 18,839,551 current and former customers. However, since TalkTalk only has about 2.4 million subscribers, cybersecurity experts have already questioned the authenticity of the claimed leak.
To support their claims, b0nd published a sample of the allegedly stolen data, which includes subscriber names, email addresses, last used IP addresses, and both work and home phone numbers. The hacker also released screenshots suggesting that the data may have been taken from the Ascendon SaaS subscription management platform, rather than directly from TalkTalk itself.
TalkTalk representatives have confirmed to the media that the company is currently investigating the incident and believes it is linked to a breach of a third-party partner. A company spokesperson stated:
“We have become aware of unauthorized access to the systems of one of our third-party suppliers and the misuse of those systems. However, no billing or financial information was stored in those systems. Our incident response team continues to work on this issue, and we have immediately taken the necessary protective measures. Our investigation is ongoing, but we can confirm that the number of allegedly affected customers mentioned in some online reports is inaccurate and significantly overstated.”
Meanwhile, CSG Ascendon told reporters that the data b0nd is selling did indeed come from their platform. However, the company denied that a hack had occurred and said the incident affected only one client:
“On January 21, 2025, CSG became aware that unauthorized parties had accessed data belonging to one provider stored on the CSG platform. We have no evidence that CSG’s systems or technologies were compromised, or that CSG was the source of this unauthorized data access. CSG immediately contained the incident and is actively supporting the affected client.”