This post is also available in: heעברית (Hebrew)

TalkTalk, the British telecoms company, has admitted that it has suffered its third major cyberattack in the last 12 months with data from its 4 million customers compromised by hackers in a “significant and sustained attack” on its website.

A company spokeswoman said: “We can confirm we were contacted by someone claiming to be responsible and seeking payment.” Declining to elaborate on the demand, the spokeswoman said: “everything else is a matter for the police”.

The BBC reports that the attackers used a technique known as a distributed denial of service (DDoS) to overwhelm the company’s website, but this has not been confirmed by TalkTalk. A DDoS attack would need to have been used as part of a broader attack strategy as it alone would not allow the attackers to steal any information.

The identity of the hackers is unknown but one group has claimed responsibility by posting a message online saying the attack was carried out in the name of Allah, adding a warning that “your hands are covered in blood” and “Judgment Day is soon.” The group adds that it is based “in the Soviet Russia” and used the dark Web to prevent authorities from tracking its movements.

The company says that it is too early to know exactly what data has been attacked and what has been stolen, but a criminal investigation has been launched and customers are being contacted by e-mail.

Subscribe to our newsletter.