UK telecommunications company TalkTalk is investigating a potential data breach involving a third-party supplier after a threat actor began offering alleged customer data for sale on a hacking forum.
The hacker, known as “b0nd,” claims the breach occurred in January 2025 and reportedly exposed the personal details of nearly 18.9 million current and former TalkTalk customers.
TalkTalk has dismissed these claims, stating the number of affected customers is “wholly inaccurate and very significantly overstated.” The company assured customers that no billing or financial information was stored on the compromised system. “Our Security Incident Response team is working with the supplier on this matter, and protective containment steps were taken immediately,” a TalkTalk spokesperson told BleepingComputer.
The threat actor shared a sample of the allegedly stolen data, which includes names, email addresses, last-used IP addresses, and phone numbers. However, the screenshots provided suggest the data may have originated from the Ascendon SaaS platform, a subscription management tool used by TalkTalk in the past, rather than directly from the company itself.
