Script Kiddies Case Study: TalkTalk
Although most script kiddies do not have overtly malicious intentions, looking instead to show off their ‘abilities’ to their friends, they can still have a substantial and negative impact on their targets.
The TalkTalk cyber attack in 2015 is just one example of script kiddies undertaking large scale attacks. This attack stemmed from a 17 year old boy using hacking software to scan sites for security vulnerabilities. His motivation was the ability to prove his IT knowhow to his friends, and when a vulnerability on TalkTalk’s site was spotted, he posted the details online. Others then began to take advantage of this flaw in security, accessing confidential information of TalkTalk’s customers. Over 15,000 people had their details stolen, including email addresses, phone numbers and full bank details.
The attack was a disaster, not only for the individuals affected, but for the company too. TalkTalk lost around 95,000 customers for their failure to implement the correct and most secure cyber security measures. This lack of trust in the company was severely damaging, impacting their reputation and position in the market. The breach also cost the company £60 million, plus a £400,000 fine from the UK Information Commissioner’s Office, at the time the largest to date, for the incompetency in securing their customers details.