Reply to post: Was this a hack or a DDOS

TalkTalk: Hackers may have nicked personal, banking info on 4 million Brits


Was this a hack or a DDOS

I'm confused by the reports of what's happened. Was this a DDOS or a hack?

Frankly, it sounds like a DDOS. Quite possibly one of those ransom attempts that seem popular these days. That would not result in data being taken, just in the site being offline.

If you are hacking to actually steal customer data, you do not flood the site with traffic*, but rather would try and sneak in undetected. If the data is exposed by the front end (which is unlikely but possible if there was some kind of SQL Injection vuln or something) then flooding the front-end with traffic is just going to make it unavailable for the hack, also.

So I'm a bit puzzled.

*I admit there is a chance it was a diversion.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019