第4集：在TalkTalk董事会会议室的恐慌

安静，安静。

Order, order.

还有哈丁女士。

And Ms.

哈丁女士，非常感谢您今天莅临。

Hardin, thank you very much indeed for coming in, today.

显然，TalkTalk遭受的黑客攻击对您的客户来说是一个严重的问题，并引发了更广泛层面的诸多问题。

Obviously, the issue of the hack at TalkTalk is a serious one for your customers and raises quite a lot of issues of a wider, nature.

我能否首先问您，在黑客攻击发生时，谁负责您公司内部的安全工作？

Can I kick off by asking you, who, was at the time of the hack, responsible for security within the company that you run?

是的。

Yes.

当然。

Of course.

在直接回答您的问题之前，主席先生，我想再次向TalkTalk的所有客户致歉，感谢他们因这一事件所经历的担忧和不可避免的不确定性。

May before I just directly answer your question, chairman, could I just begin by, apologizing again to all of TalkTalk's customers, for the the concern and the inevitable uncertainty that this event has caused all of them.

直接回答您的问题，我对公司内的安全负有责任。

To answer your question directly, I am accountable and responsible for security in the company.

在此次犯罪攻击之前以及之后，我都是负责人。

I was before this criminal attack and and AMNAF.

但您是首席执行官，哈丁女士。

But you're the chief executive, miss Harding.

那么，究竟是谁具体负责公司内部的安全工作？

Who who who is actually line managing security within the organization?

您不可能亲自做这件事。

You can't have been doing that.

您是在管理整个公司。

You're running the company.

实际上，我认为网络安全是董事会层面的问题。

Well, I I actually do think that cybersecurity is a board level issue.

因此，作为首席执行官，我认为由我来负责是合适的，我们的董事会对此非常重视。

So as the chief executive, I do think it's appropriate that I'm responsible for it, and our board takes it very seriously.

而且人们必须承担责任，问题是

And People have to be responsible, the question

确实如此。

is Indeed.

如果这是一次刑事攻击，那么这些人中可能没有一个人对这次攻击负有责任。

And and if it's a criminal attack, it is entirely possible that none of them are responsible for the attack.

问题是，公司当时的情况如何？

The question is, were they make were was the company?

因此我说，这确实要回归到首席执行官和董事会身上。

And that's why I say it really does come back to the chief executive and the board.

当时在安全政策、为技术团队提供资源以实施这些政策，以及对最佳实践的认知和理解方面，是否足够监督？

It's was there sufficient oversight in terms of the security policies, the resourcing of the technology team to implement those policies, and the knowledge and understanding of best practice?

这是一个董事会层面的问题，而不是下面个人层面的问题。

It is a board level issue rather than an individual level issue below.

公司必须100%保持安全，而网络罪犯只需要幸运一次即可。

Companies have to stay safe a 100% of the time, and the cybercriminals only have to get lucky once.

而数字世界的工作方式是，全球所有潜在的网络罪犯都能免费获得相当于卡拉什尼科夫步枪和核弹的工具，因为这些工具只需复制粘贴，就能在暗网中免费获取。

And and the way the digital world works, it's like all of your potential cybercriminals worldwide all have access to the equivalent of a Kalashnikov and a nuclear bomb because it's cut and paste and sitting in the dark web for free.

这是《暗网日记》。

This is Darknet Diaries.

讲述互联网黑暗面的真实故事。

True stories from the dark side of the Internet.

我是杰克·雷德。

I'm Jack Reider.

本集由Zocdoc赞助。

This episode is sponsored by Zocdoc.

找到一位你真正喜欢的医生，就像在沙砾中发现钻石。

Finding a doctor you actually like feels like discovering a diamond in the rough.

没错。

Sure.

你希望找一个在保险网络内、离得近、有空档的医生，但说实话，这仅仅是开始。

You want someone that's in network, nearby, with open time slots, but let's be honest, that's just the start.

能找到一个真正认真倾听、解释清楚的医生也不错。

It'd also be nice to find someone who really listens and explains things clearly.

你那位难寻的宝藏医生是存在的，而在ZocDoc上找到他们很容易。

Your diamond in the rough doctor exists, and finding them is easy on ZocDoc.

Zocdoc是一个免费的应用程序和网站，帮助你找到并预约高质量的网络内医生，让你找到心仪的医生。

Zocdoc is a free app and website that helps you find and book high quality in network doctors so you can find someone you love.

我们覆盖了全美50个州的15万多名医疗提供者。

We're talking more than a 150,000 providers across all 50 states.

你想亲自去看医生吗？

Wanna see your doctor in person?

很好。

Great.

你更喜欢视频问诊吗？

Do you prefer a video visit?

他们也可以提供视频问诊。

They can do that too.

通过ZocDoc预约的就诊通常在预订后24至72小时内就能安排。

And appointments made through ZocDoc happen fast, typically within twenty four to seventy two hours of booking.

你甚至可以约到当天的就诊。

You can even score same day appointments.

当我需要时，我 impressed 于搜索他们的网站并找到医疗提供者的快速与便捷。

I'm impressed with how quickly and easy it is to search their site and find health care providers when you need it.

别再拖延这些医生预约了，立即前往 zocdoc.com/darknet 找到并立即预约你喜爱的医生。

So stop putting off these doctor's appointments and go to zocdoc.com/darknet to find and instantly book a doctor you love today.

拼写是 z o c d o c。

That's spelled z o c d o c.

Zocdoc.com/darknet。

Zocdoc.com/darknet.

Zocdoc.com/darknet。

Zocdoc.com/darknet.

感谢 Zoc doc 支持本节目。

Thanks, Zoc doc, for supporting this show.

本集由DeleteMe赞助。

This episode is sponsored by DeleteMe.

DeleteMe让删除您的在线个人信息变得简单、快速且安全，因为在当今监控和数据泄露司空见惯的时代，每个人都可能成为受害者。

DeleteMe makes it easy, quick, and safe to remove your personal data online at a time when surveillance and data breaches common enough to make everyone vulnerable.

现在要在网上找到关于个人的隐私信息比以往任何时候都更容易。

It's easier than ever to find personal information about people online.

您的地址、电话号码以及家人的姓名在网络上公开，可能会在现实世界中带来实际后果，使每个人都面临风险。

Having your address, phone number, and family members' names hanging out there on the Internet can have actual consequences in the real world and makes everyone vulnerable.

隐私对我来说是一个极其重要的议题。

Privacy is a super important topic to me.

所以几年前，我注册了DeleteMe，它立即开始在网上搜索我的姓名，并向我提供发现结果的报告。

So a few years ago, I signed up, and DeleteMe immediately got busy scouring the Internet looking for my name and then gave me reports on what they found.

然后它开始删除这些信息，并向我展示它移除了哪些内容。

And then they got busy deleting things showing me what they got rid of.

在隐私保护方面，有人为我保驾护航真是太好了。

It's great to have someone on my team when it comes to my privacy.

通过注册 DeleteMe 来掌控你的数据，保护你的私人生活。

Take control of your data and keep your private life private by signing up for DeleteMe.

现在，我的听众可以享受特别折扣：访问 join.deleteme.com/darknetdiaries，结账时使用促销码 d d 20，即可享受 DeleteMe 计划 20% 的优惠。

Now at a special discount for my listeners, you can get 20% off your DeleteMe plan when you go to join deleteme.com/darknetdiaries, and use promo code d d 20 at checkout.

获得 20% 折扣的唯一方式是访问 join.deleteme.com/darknetdiaries，并在结账时输入代码 d d 20。

The only way to get 20% off is to go to join deleteme.com/darknetdiaries and enter code d d 20 at checkout.

即访问 join.deleteme.com/darknetdiaries，输入代码 d d 20。

That's join deleteme.com/darknetdiaries code d d 20.

Carphone Warehouse 是英国最大的移动电话零售分销商之一。

Carphone Warehouse is one of the largest mobile phone retail distributors in The UK.

在美国，这类似于 T-Mobile 或 Sprint 的门店，但 Carphone Warehouse 仅销售手机，并不隶属于任何移动运营商。

In The US, the equivalent would be like a T Mobile store or a Sprint mobile store, except Carphone Warehouse just sold phones and weren't affiliated to any mobile provider.

2003 年，情况发生了变化，他们创建了一个名为 TalkTalk 的移动运营商。

In 2003, that changed, and they created a mobile carrier called TalkTalk.

现在，Carphone Warehouse 不仅可以向你销售手机，还可以提供服务订阅计划。

Now Carphone Warehouse can both sell you the phone and the subscription plan for the service.

通过这种组合以及手机使用的激增，公司迅速发展。

With this combination and the boom of cell phone usage, the company grew rapidly.

他们开设了更多门店，要么将竞争对手挤出市场，要么收购它们。

They were opening more stores and either putting their competition out of business or buying them.

2009年，Carphone Warehouse收购了竞争对手移动运营商Tiscale UK，并将其并入TalkTalk网络。

In 2009, Carphone Warehouse bought a competing mobile provider called Tiscale UK and merged them into the TalkTalk network.

不到一年，Tiscale就被重新命名为TalkTalk。

In less than a year, Tiscale was rebranded to TalkTalk.

这还包括将所有Tiscale客户迁移到TalkTalk，并将所有基础设施整合到TalkTalk域名下。

This also included moving all Tiscale customers to TalkTalk and moving any infrastructure under the TalkTalk domain.

2010年，Carphone Warehouse决定将TalkTalk分拆，使其成为一家独立公司。

In 2010, Carphone Warehouse decided to split TalkTalk off and have it become its own company.

高管们认为，在当前市场条件下，这是实现利润最大化的明智选择。

The executives believe this was the wise choice to maximize profits in the current market conditions.

不过，将TalkTalk从Carphone Warehouse分拆出来颇具挑战性。

Demerging TalkTalk away from Carphone Warehouse was challenging, though.

想象一下，要把一家公司的客户数据库拆分到两家公司中。

Imagine trying to split the customer database from a single company into two companies.

哪些客户应该归入哪家公司，哪些服务器留在英国电信，哪些服务器随TalkTalk分离出去。

What customers belong in which company, and which servers would stay with Carphone Warehouse, and which servers would go off with TalkTalk.

TalkTalk作为英国的移动服务提供商，独立后继续快速增长。

TalkTalk continued to grow rapidly by itself as a mobile service provider in The UK.

到2014年，他们拥有近四百万客户。

In 2014, they had almost 4,000,000 customers.

2014年底，许多TalkTalk客户开始接到奇怪的电话。

Near the end of 2014, numerous TalkTalk customers were getting strange phone calls.

以下是其中一通电话的样子。

Here's what one of those calls sounded like.

哦，我叫阿莉娜。

Oh, my name is Alina.

好吗？

Okay?

您好，我是来自TalkTalk互联网服务中心的客服，您互联网服务的提供商。

Calling you from TalkTalk Internet Service Center, your Internet service provider.

明白吗？

Okay?

好的。

Okay.

对。

Right.

是的。

Yes.

我能为您做些什么？

What can I do for you?

嗯。

Yeah.

亲爱的，我今天打电话给您的原因是想通知您，每当您上网时，同一时间我们的系统都会收到一些来自您服务器的异常流量和警告，这表明您的互联网被其他不同的IP地址、不同的人使用了。

The reason why I gave you a call today, dear, okay, is just to inform you that whenever you are online, at the same point of time, we are receiving some kinds of air and warning junk fund from your server, which indicates that your Internet is used by some different different IP address, some different different people.

那么，您知道这个问题吗？

So are you aware about this problem?

不知道。

No.

我不相信您是来自TalkTalk的客服。

I do not believe you're calling me from TalkTalk.

明白吗？

Okay?

女士/先生，请听我说。

Ma'am, sir, listen to me.

我掌握全部信息。

I have a whole information.

您的姓名、地址、城市和邮政编码。

Your name, your address, your city, your postcode.

好的。

Okay.

你告诉我你的名字和我的

You tell me that You tell me my name and my And

你的通话账户号码，这非常重要且非常安全。

your talk to account number, which is very important and very secure.

好的。

Okay.

那你告诉我我的电信地址吧，好吗。

Well, you tell me what my talk talk address is then, please.

你的地址是佩蒂桥路58号。

Your address is 58 Petey Bridge Road.

好吗？

Okay?

好的。

Okay.

喂？

And hello?

是的。

Yes.

我在说话，是的。

I'm speaking Yes.

对

To

你的城市是南格拉斯。

And your city is South Glass.

嗯。

Yeah.

喂？

Hello?

嗯。

Yeah.

我在听你说。

I'm listening to you.

您的邮政编码是54 CForCharlieFAsInFrankDForDeltaUForUmbrella。

And your postcode postcode is 54 CForCharlieFAsInFrankDForDeltaUForUmbrella.

明白吗？

Okay?

您的软件呼叫号码，非常重要且非常安全。

And your software call number, which is very important and very secure.

您的软件呼叫号码是1002165。

Your software call number is 1002165.

这是您的SoftStock账户号码，非常重要且非常安全。

This is your SoftStock account number, which is very important and very secure.

诈骗电话很常见，但这次通话特别奇怪的地方在于，诈骗者知道客户的所有详细信息。

Scam calls are common, but what's really strange about this particular call is that the scammer knew all the customer's details.

列出的这些信息100%准确，包括TalkTalk账户号码。

Those details that were listed were 100% correct, including the TalkTalk account number.

一些客户确实被这些电话骗了，损失了大量钱财。

A few customers did get scammed by these calls and lost significant money.

这是其中一位受害者。

Here's one of those victims.

他们在电脑上给我看了各种东西。

They showed me all kinds of stuff on the computer.

女士，我们及时联系到您真是太幸运了，因为您的电脑再过几天就要崩溃了。

Oh, madam, it's lucky that we got hold of you because the computer is a couple of days away from blowing up, basically.

所以他们花了一个小时左右来哄骗您，跟您聊天，跟您交朋友。

So they're spending like an hour grooming you, talking to you, befriending you.

他们站在您这边。

They're on your side.

他们在帮您解决问题。

They're helping you out.

这个计划的狡猾之处在于，他们让我自己从银行取钱并转交出去，这样就不算网络犯罪了。

The cunning part of the plan was they got me to take the money out of the bank myself and pass it on so it doesn't count as a cybercrime.

所以我损失了5200英镑。

So I lost £5,200.

我还不如把车开到恩弗码头去。

I might as well have driven a car off the Enver Pier.

这是另一位受害者。

And here's another victim.

我们损失了8700英镑。

We've lost £8,700.

是的。

Yes.

他们先拿走了4900英镑，然后又拿走了3800英镑。

So they took one lot of 4,900 and a second lot of 3,800.

一切都显得那么真实，现在到了你都不知道该相信谁的地步。

It all seemed so genuine, and it's now got to the state that you don't know who to believe.

我82岁，我丈夫83岁。

I'm 82, and my husband's 83.

我们睡不好觉。

We're not sleeping properly.

还有，罗布·斯莫尔，我不知道自己是否还能再相信任何人。

And, Rob Small, I don't know that I'll ever trust anybody again.

这个骗局是这样运作的。

The scam worked like this.

骗子会先与受害者建立信任，让他们相信自己是TalkTalk的工作人员，只有TalkTalk的人才会有他们的账户信息。

The caller would establish trust with the victim, convincing them they're from TalkTalk, and only someone from TalkTalk would have their account details.

然后受害者会被要求与来电者共享电脑屏幕，来电者会在他们的系统上安装恶意软件，再让他们登录银行账户。

The victim would then be told to share their computer screen with a caller, and the caller would then install malware on their system, and then have them log in to their bank account.

接着，骗子要么直接从他们的银行账户盗取资金，要么展示一个虚假的银行余额，显示余额远高于实际金额。

And the caller would either steal money out of their bank account directly or show them a false balance on their bank account where the balance was significantly higher than expected.

骗子会告诉受害者，TalkTalk不小心多付了他们一笔钱，他们需要把这笔额外的钱从银行账户中取出，去MoneyGram或西联汇款，把钱汇给骗子。

The scammer would tell the victim that TalkTalk accidentally overpaid them, and they need to take this extra money out of their bank account, withdraw it, go to MoneyGram or Western Union, and send it to the scammer.

受害者以为自己是在把钱退还给TalkTalk，是在做正确的事。

Victims thought they were sending the money back to TalkTalk and doing the right thing.

整个2014年9月、10月和11月，TalkTalk的客户都投诉了这些诈骗电话。

All through September, October, and November 2014, TalkTalk customers complained about these scam calls.

由于投诉数量众多，TalkTalk决定对此展开调查。

Because of the volume of complaints that were being raised, TalkTalk decided to look into it.

他们确实发现了一些异常情况。

They did find something strange.

TalkTalk通知了大都会警察局和信息专员办公室。

TalkTalk notified the Metropolitan Police and the ICO.

信息专员办公室（ICO）是英国的数据保护机构。

The ICO or Information Commissioner's Office is UK's data protection authority.

顺便提一下，美国没有官方的数据保护机构。

As a side note, The US doesn't have an official data protection authority.

联邦贸易委员会会处理一些数据泄露事件，但在英格兰和欧洲大部分地区，都设有专门负责信息隐私与保护的政府机构。

The Federal Trade Commission handles some data breaches, but in England and in most of Europe, there is an official body of government that only deals with information privacy and protection.

这种机构被称为数据保护机构，ICO是英国的数据保护机构，直接向议会报告。

That is called the Data Protection Authority, and the ICO is UK's data protection authority, and they report directly to parliament.

法律规定，所有电信公司必须向ICO报告安全漏洞。

Law requires that all telecoms must report security breaches to the ICO.

因此，TalkTalk开始向ICO报告潜在的数据泄露事件。

So TalkTalk begins telling the ICO about the potential data breach.

两个月后，TalkTalk确定了数据泄露的范围，并通知了其客户。

Two months later, TalkTalk determines the extent of the data breach and notifies its customers.

TalkTalk发现，这次泄露并未发生在伦敦总部附近。

What TalkTalk found is the breach didn't occur anywhere near their headquarters in London.

相反，盗窃行为发生在4000英里之外。

Instead, the theft occurred 4,000 miles away.

为了节省数百万美元，TalkTalk将客户支持服务外包给了印度的一家公司——Wipro。

To save millions of dollars, TalkTalk outsourced their customer support reps to a company in India called Wipro.

Wipro运营的呼叫中心规模庞大。

The call centers that Wipro runs are massive.

这些中心有超过5000名员工在工作。

They have over 5,000 employees working in them.

TalkTalk雇佣了Wipro并

TalkTalk hired Wipro and

我们在加尔各答设立了一个新中心，仅用六个月时间就将员工规模扩大到一千多人。

We established a new center in Calcutta, and we ramped to over a thousand staff in just six months.

谢谢，威普罗公司。

Thank you, Wipro.

这是在数据泄露发生前的片段。

That's a clip from before the breach.

这是TalkTalk的一位高管为威普罗公司制作的宣传视频。

It's a TalkTalk executive doing a promotional video for Wipro.

这1000名威普罗客服人员每人每次只能访问一个TalkTalk用户的账户。

Each of the 1,000 Wipro customer support agents only had access to a single TalkTalk user account at a time.

但在1000名员工中，有40人拥有更高权限。

But out of the 1,000 agents, there were 40 of these people that had elevated access.

这些人可能是主管或经理。

These may have been supervisors or managers.

他们的额外权限允许他们在TalkTalk客户数据库中进行通配符搜索。

Their extra privileges allowed them to do wildcard searches on the TalkTalk customer database.

他们可以搜索‘f*’，这会返回所有以字母f开头的姓名，但最多只显示500条结果。

They could do a search for f star, and this would get back all names starting with the letter f, but it would only show a maximum of 500 results.

三名恶意的威普罗员工获得了这些特权登录权限。

Three rogue Wipro employees gained access to these privileged logins.

他们开始每次从TalkTalk数据库中提取500条客户记录。

They began harvesting customer accounts out of the TalkTalk database 500 records at a time.

每个账户的数据包括姓名、家庭住址、电话号码和账户号码。

The data on each account included a name, home address, phone number, and account number.

总共从TalkTalk数据库中窃取了21,000个账户的信息。

In total, 21,000 accounts were harvested out of the TalkTalk database.

这名内部员工会把窃取的数据存到U盘里，然后去参加一个他知道有电话诈骗者出席的聚会，并把U盘交给他们。

The rogue employee would put what he had on a USB stick and then go to a party where he knew people who worked as phone scammers, and he would give them the USB stick.

交易是这样的。

And the deal was this.

如果诈骗者成功骗到钱，这名恶意的威普罗员工就能分得一部分收益。

If the scammers were successful at counting people out of money, the rogue Wipro employee would get a cut of it.

这次数据泄露事件中，TalkTalk受到的主要批评之一是其通知客户的方式。

One of the big criticisms TalkTalk received from this breach was the way they notified their customers.

TalkTalk在11月发现了此次泄露，并立即通知了信息专员办公室（ICO），但直到次年2月才通知客户。

TalkTalk detected this breach in November and notified the ICOs then, but didn't notify their customers until February.

那些在12月遭受诈骗的客户本可以提前得到通知，但他们却没有收到。

Customers who were scammed in December could have been notified, but they weren't.

在调解员的帮助下，TalkTalk向部分因诈骗而蒙受损失的人进行了赔偿。

With the help of an ombudsman, TalkTalk did reimburse some of the people who lost money to the scam.

但也有客户无法让TalkTalk支付赔偿。

But there were also customers who were unable to get TalkTalk to pay.

TalkTalk随后向客户发布了声明。

TalkTalk proceeded to tell their customers.

在TalkTalk，我们高度重视客户的网络安全，并采取了多种措施保障客户安全。

At TalkTalk, we take our customers' security very seriously, and we take numerous measures to help keep our customers safe.

TalkTalk开始拦截骚扰电话和垃圾电话，并声称自己是少数几家能够拦截此类电话的电信公司之一。

TalkTalk did begin blocking nuisance calls and spam calls and claimed to be one of the only telecoms that did block these kind of calls.

他们还播放了类似这样的公益广告。

And they also ran public service ads such as this.

如果你对任何来电感到不确定，就直接挂断。

If you're at all uncertain about a call, just hang up.

给自己泡杯茶，花点时间好好想想。

Make yourself a cup of tea and take some time to think.

最后，拨打你供应商的官方号码回拨。

And finally, call back on your supplier's official number.

就是这样。

That's it.

三个简单步骤，识破诈骗分子。

Three simple steps to beat the scammers.

电信服务，惠及每个人。

Talk talk for everyone.

八个月过去了。

Eight months go by.

现在是2015年8月，突然间，Carphone Warehouse的三个网站全部瘫痪。

It's now August 2015, and suddenly, three of Carphone Warehouse's websites go down.

这些网站分别是1stopphoneshop.com、etosave.com和mobiles.co.uk。

The websites were 1stopphoneshop.com, etosave.com, and mobiles.co.uk.

这些是访客可以购买新手机的热门网站。

These are popular sites where visitors could purchase new cell phones.

第二天，Carphone Warehouse向其客户发送了如下信件。

And the next day, Carphone Warehouse sent the following letter to its customers.

据我们的调查，部分存储在我们系统中的数据已被访问，其中可能包括您的部分个人信息，如姓名、地址、出生日期和银行信息。

Quote, our investigation indicates that some of the data held in our systems has been accessed, and this may include some of your personal details, including your name, address, date of birth, and bank details.

我们高度重视您的数据安全，并已采取额外的安全措施以防止进一步的攻击。

We take security of your data extremely seriously, and we have put in place additional security measures to prevent further attacks.

尽管如此，我们认为尽快通知您至关重要。

Nevertheless, we felt it was important to let you know as soon as possible.

为降低欺诈活动的风险，我们建议您考虑采取以下措施。

To reduce the risk of fraudulent activity, we recommend you consider taking the following steps.

通知您的银行和信用卡公司，以便他们监控您账户的活动。

Notifying your bank and credit card company so they can monitor activity on your account.

您可以检查您的信用评级，确保没有人以您的名义申请贷款和信贷。

You can check your credit rating and make sure no one has taken a loan out and credit in your name.

您可以通过访问Experian或Equifax来完成此操作，引用结束。

You can do this by visiting Experian or Equifax, end quote.

Carphone Warehouse随后表示，有250万条客户记录从其数据库中被窃取。

Carphone Warehouse then went on to say that 2,500,000 customer records were taken from their database.

这些账户中的数据包括客户姓名、家庭住址和出生日期，此次泄露事件中还涉及9万张加密信用卡信息。

The data in these accounts included customer name, home address, and date of birth, and there were also 90,000 encrypted credit cards taken in this breach.

在这250万条客户记录中，有48万条是TalkTalk的记录。

Out of those 2,500,000 customer records, 480,000 of them were TalkTalk records.

两家公司当时仍在进行分拆流程，Carphone Warehouse仍持有TalkTalk的客户数据。

The two companies were still in the process of demerging, and Carphone Warehouse still had TalkTalk customer data.

由于TalkTalk客户受到影响，他们必须向信息专员办公室（ICO）通报此次数据泄露事件。

Because TalkTalk customers were impacted, they had to notify the ICO of the breach.

在网站宕机前两天，Carphone Warehouse 发现其网站正遭受一次所谓的复杂网络攻击。

Two days before the website went down, Carphone Warehouse discovered their sites were being hit by a, quote, sophisticated cyber attack, end quote.

一旦发现，他们立即关闭了网站，以控制并修复该问题。

As soon as it was detected, they took the website down to contain and fix the issue.

关于这次攻击的类型、被攻击的目标或具体发生方式，没有其他详细信息。

There are no other details about what kind of attack this was or what was hit or how it happened.

Carphone Warehouse 的首席执行官塞布·简斯发表了一份书面道歉，称：'我们高度重视客户数据的安全，对于此事对人们造成的影响，我们深感抱歉。'

The CEO of Carphone Warehouse, Seb Janes, issued a written apology to its customers saying, we take the security of customer data extremely seriously, and we are very sorry that people have been affected by this.

本集由 Shopify 赞助。

This episode is sponsored by Shopify.

还有什么比新年的开始更适合尝试新事物呢？

Is there any better time to try out something new than at the start of a new year?

我非常喜欢。

I love it.

我觉得自己有理由去学习一项新技能、启动一个新项目或做出新的决定。

I feel like I have permission to try learning a new skill or starting a new project or making new decisions.

但如果你更有雄心壮志，为什么不三者都尝试，让2026年成为你用Shopify开启新事业的一年呢？

But if you're feeling extra ambitious, why not do all three and turn 2026 into the year you started your new business with Shopify?

Shopify为你提供了在线和线下销售所需的一切工具。

Shopify gives you everything you need to sell online and in person.

通过Shopify内置的AI工具，设置过程非常快捷，它们能撰写产品描述和标题，甚至帮助你编辑产品图片。

Set up is fast with Shopify's built in AI tools that write product descriptions and headlines and even help you edit product photos.

数以百万计的创业者已经完成了这一跃升，从家喻户晓的品牌到刚刚起步的首次创业者。

Millions of entrepreneurs have already made this leap from household names to first time business owners just getting started.

就连我，我的T恤店也在Shopify上。

And even me, my t shirt shop is on Shopify.

那是shop..netdiaries.com。

That's shop..netdiaries.com.

我喜欢Shopify，因为它让我轻松地将业务上线。

And I love Shopify because how easy it is for me to get my business online.

营销功能也内置其中。

Marketing is built in too.

你可以创建电子邮件和社交媒体活动，触达用户浏览的任何地方。

You can create emails and social campaigns that reach customers wherever they scroll.

所以在2026年，别再等待，立即用Shopify开始销售吧。

So in 2026, stop waiting and start selling with Shopify.

注册每月1美元的试用版，今天就前往shopify.com/darknet开始销售。

Sign up for your $1 per month trial and start selling today at shopify.com/darknet.

前往shopify.com/darknet。

Go to shopify.com/darknet.

那就是shopify.com/darknet。

That's shopify.com/darknet.

在今年初，让Shopify陪伴你开启你的第一段旅程。

Hear your first this new year with Shopify by your side.

三个月过去了。

Three months pass.

现在是2015年10月21日。

It's now 10/21/2015.

今天是星期三。

It's a Wednesday.

这一天，TalkTalk网络开始变慢。

On this day, the TalkTalk network starts running slow.

一些客户反映无法拨打电话，且查收邮件非常缓慢。

Some customers report inability to make calls and checking email is very slow.

大约中午时分，TalkTalk网站完全瘫痪。

Around lunchtime, the TalkTalk website goes down entirely.

人们无法查收邮件、更改账户设置或购买新服务。

People couldn't check email, change account settings, or purchase new services.

社交媒体上充斥着对此次中断的抱怨。

Social media exploded with complaints of the outage.

客户们变得越来越沮丧。

Customers were becoming frustrated.

客服热线被挤爆了。

The customer support lines were overwhelmed.

网站整晚都一直无法访问。

The website continued to stay down all night long.

第二天，TalkTalk表示他们遭受了入侵，媒体立即开始报道这一事件。

The next day, TalkTalk said they had been breached, and the media immediately started picking up the stories.

过去一小时有一些突发新闻。

Some breaking news in the last hour.

警方正在调查针对电信公司TalkTalk网站的一次重大且持续的网络攻击。

Police are investigating after a significant and sustained cyber attack on the website of the company, TalkTalk.

我们实际上邀请到了TalkTalk的首席执行官迪多·哈丁。

We actually have the CEO of TalkTalk, Dido Harding here.

首先，迪多·哈丁，有多少人受到影响？

First of all, Dido Harding, how many people are affected?

我们还不确定具体数字，但今晚我们采取预防措施，联系了所有四百万名客户。

We don't know for certain, but we're taking the precaution tonight of contacting all 4,000,000 of our customers.

但你们并没有这么做。

But you didn't do so.

攻击发生在昨天。

The attack was yesterday.

攻击始于昨天。

The attack started yesterday.

我们昨天中午关闭了所有网站。

We brought down all of our websites yesterday lunchtime.

在过去24小时里，我们与大都会警察局以及多位安全专家合作，试图查明发生了什么。

We spent the last twenty four hours with the Metropolitan Police and various security experts trying to get to the bottom of what has happened.

但如果你并不确定客户的电话号码、银行账户等是否受到影响，难道在攻击刚开始时就通知所有客户不是更好吗？

But but if you don't know if people's telephone numbers, if their bank accounts and so forth are involved, would it not have been better to take the precaution as soon as it started to happen of telling all your customers?

每天都有针对各个网站的网络攻击。

There are cyber attacks on every website all the time.

因此，在整个英格兰和威尔士的夏季，发生了625,000起网络

So in the summer across England and Wales, were 625,000 cyber

攻击，是否每起都发生了

attacks Has that happened each to

之前谈过吗？

talk talk before?

我们每周都会遭受所谓的拒绝服务攻击。

We would receive what's called denial of service attacks on our network every week.

那你怎么知道这次是

So how do you know this one was

不同的？

different?

是什么引发了这次攻击？

What triggered this?

我们昨天午餐时间并不知道。

We didn't at lunchtime yesterday.

昨天午餐时间，我们只知道网站运行得非常慢。

At lunchtime yesterday, all we knew was that our website was running very slowly.

明白了。

Right.

而且它具备了黑客大规模攻击网站的所有早期预警迹象。

And it had all the early warning signs of bad guys bombarding the website.

所以我们才把网站下线了。

So that's why we took the website down.

然后我们需要分析数据，以确定是否有人入侵，以及他们访问了哪些数据。

We then needed to actually analyse the data in order to identify who if someone had got in, what data that they had got access to.

你知道这次网络攻击的最大数据量是多少吗？

And do you know how much, what the maximum of data this The cyber attack is

我们采取的谨慎措施是与所有客户沟通。

caution we're taking is to communicate with all of our customers.

这就是最大范围了。

So that is the maximum.

这显然是一笔可观的数字。

It's clearly a material number.

由于我们担心这些罪犯可能已经获取了一些客户的银行信息和个人信息，因此我们采取预防措施，向所有人发出通知，并诚实地借助BBC今晚的影响力，尽快联系到客户。

And because we fear that these criminals have accessed some customers' bank details as well as personal details, We're taking the precaution of telling everyone and using, to be honest, the good auspices of the BBC tonight to try and reach customers as quickly as we possibly can.

你现在告诉人们，从昨天午餐时间起，Peul的银行账户信息可能已被泄露。

You're telling people now that Peul's bank account details could have been compromised since lunchtime yesterday.

它们可能已被泄露，但我当时并不知道。

They they could have been, but I didn't know.

昨天午餐时间，我完全没有意识到情况是这样的。

I didn't have any inkling at lunchtime yesterday that that was the case.

所以在开始沟通之前，你必须掌握最基本的信息。

So, you have to have a basic amount of information before you start communicating.

我们已经尽最大努力尽快行动了。

It it it I we've tried to move absolutely as fast as we can.

同时，关于你的银行账户信息被盗——这确实发生了——你面临的风险是，这些罪犯可能会冒充你。

At the same time, in terms of your bank account details being stolen, which is what has happened, the risk you take is that that criminal tries to impersonate you.

因此，我们今天还在为所有客户提供一年的免费信用监控服务，这是确保如果有人试图非法使用这些信息时，你能及时发现并保障安全的最佳方式。

So, what we're also doing today is we're going to be providing all of our customers with a year's free credit monitoring as the best way of ensuring that if somebody does try and use that information illegally, you can catch it and that you will be safe.

新闻稿称，多达400万个用户账户遭到泄露。

The press release said up to 4,000,000 user accounts were taken.

这涵盖了TalkTalk的全部客户群。

That's the entire TalkTalk customer base.

被盗数据可能包括姓名、地址、出生日期、信用卡信息、银行信息、电子邮件地址、电话号码和TalkTalk账户号码。

This may have included names, addresses, date of birth, credit card details, and bank details, email addresses, telephone numbers, and TalkTalk account number.

TalkTalk首席执行官迪多·哈丁收到了一封勒索信。

The TalkTalk CEO, Dido Harding, received a ransom letter.

勒索者威胁称，如果不支付12.5万美元的比特币，就会公开被盗数据。

The ransom threatened to publish the data that was stolen unless they pay a $125,000 in Bitcoin.

这封勒索信已被提交给警方，除此之外未作回应。

The ransom letter was turned over to the police and otherwise ignored.

TalkTalk的安全团队昼夜轮班，全力调查此次攻击事件。

The security teams at TalkTalk worked in shifts around the clock to investigate the attack.

他们首先需要控制事态并进行分析，以了解攻击范围，然后修复漏洞，防止再次发生。

They first needed to contain it and analyze it to understand the scope and then fix the problem so it won't happen again.

他们发现，攻击者利用SQL注入手段，针对曾属于tSkali网络的网站进行了入侵。

What they found is that there was a SQL injection done on the website that was formerly part of the tSkali network.

当竞争对手被收购并合并入TalkTalk时，一个旧的Tiscale网站被遗漏了更新。

When the competitor was bought and merged into TalkTalk, an old Tiscale site was overlooked from getting updates.

事实上，该Web服务器和数据库长达三年半都没有打补丁。

In fact, that web server and database had not been patched for three and a half years.

还有传言称，他们的主网站遭受了拒绝服务攻击。

Rumors also spread that there was a denial of service attack on their main website.

如果确实发生了拒绝服务攻击，那更像是一种干扰而非实质性破坏。

If there was a denial of service attack, it was more of a distraction than damaging.

一位新闻记者将这次攻击比作在前院放火，而窃贼却从后门潜入。

One news reporter described this attack like setting a fire in the front yard while burglars enter through the back door.

TalkTalk的安全团队很难理解这次入侵的范围。

The TalkTalk security team was having a hard time understanding the scope of this intrusion.

因为这不是发生了一次SQL注入，也不是两次。

That's because there wasn't one SQL injection that happened, and there wasn't two either.

更不只是五次，甚至不是十次。

And there wasn't just five or even 10.

一份后续报告揭示，TalkTalk在十月期间遭受了超过14,000次攻击。

A later report revealed that TalkTalk was targeted over 14,000 times in October.

这些攻击并非仅来自单一地点。

Attacks didn't come from just one location.

它们来自全球多个地方。

They came from many places around the world.

这几乎像是有组织的协同攻击。

It's almost as if it was a coordinated attack.

要梳理清楚14,000次不同攻击的细节绝非易事。

Trying to sort through the details of 14,000 different attacks was no easy task.

与此同时，客户们愤怒不已，很可能是因为他们厌倦了不断听到这家公司被入侵的消息。

Meanwhile, customers were furious, likely because they were tired of hearing about this company being breached.

这将是TalkTalk一年内第三次发生客户数据被盗事件。

This would be the third time in a year that customer records were stolen from TalkTalk.

人们对此感到不满，因为TalkTalk拒绝说明哪些数据被访问、哪些人受到影响，以及数据是否被加密。

People were upset that TalkTalk wouldn't say what data was accessed, who was impacted, whether the data was encrypted or not.

客户们对各种问题都提出了抱怨。

Customers were complaining about everything.

网速慢、通话断线、诈骗电话增多，社交媒体上投诉如潮。

Slow Internet speeds, disconnected calls, increased number of scams, a flurry of complaints at social media.

人们指责TalkTalk对数据安全疏于管理，并对该公司竟不了解更详细情况感到震惊。

People were accusing TalkTalk of being negligent of the data and astonished that TalkTalk didn't know more details.

谣言四处流传。

Rumors were everywhere.

有一种谣言称，伊斯兰极端分子宣称对此次黑客攻击负责。

One rumor was that Islamic extremists were claiming responsibility for the hack.

另一种说法称，俄罗斯反对派已认领了这次攻击。

Another said Russian dissidents had taken responsibility.

还有谣言称，一些客户声称在信用卡上发现了欺诈性消费记录。

Another rumor was some customers were claiming fraudulent purchases seen on their credit cards.

许多人对细节感到困惑，将以往的泄露事件与此次事件混为一谈。

Many people were confused about the details and mixing up previous breaches with this one.

在数据泄露后的几天里，很难甚至几乎不可能分辨出哪些信息是真实的，哪些只是谣言。

In the days after the breach, it was difficult and almost impossible to figure out what information was true and what was just a rumor.

CEO意识到当时出现了大量投诉，四天后，他向所有人发布了一条新消息。

The CEO was aware of the massive amount of complaints that were going on, and four days later, had a new message for everyone.

我知道自周三TalkTalk网站遭受网络攻击以来，客户们一直感到担忧和沮丧。

I know it's been a worrying and frustrating time for customers since the cyber attack on TalkTalk's website on Wednesday.

从一开始，我们就尽了一切努力尽快查明事件真相，并随时向您更新进展。

Right from the start, we've done everything we can to get to the bottom of what happened as soon as possible and to keep you updated along the way.

大都会警察局的刑事调查以及我们内部的调查仍在进行中，但我希望现在能向客户们提供一些安心的信息：到目前为止的调查结果显示，受影响的客户数量和可能被盗的数据量比最初担心的要小。

The Met Police's criminal investigation and our own internal one are still ongoing, but I hope I can now provide some reassurance to customers by telling you that the findings so far show that the number of customers affected and the amount of data potentially stolen is smaller than originally feared.

事实上，我们的网站——可以说是我们面向客户的门面——遭到了攻击，但我们的核心系统并未被侵入。

In fact our website, our shop front if you like was attacked but our core systems weren't.

我们不会在网站上存储未加密的信用卡数据，任何可能被盗的信用卡信息，其中间的六位数字都被屏蔽了，无法用于金融交易。

We don't store unencrypted credit card data on our site, any credit card info which may have been stolen has the six middle digits blanked out and can't be used for financial transactions.

没有我的账户密码被盗，也没有任何银行信息被窃取，这些信息您在支票上填写或提供给他人用于存款时早已公开。

No my account passwords have been stolen and no banking details taken that you wouldn't already be sharing when you write a check or give to someone so they can pay money into your account.