TalkTalk has denied that the WiFi passwords of customers hit by an internet bug have been stolen, despite such claims from a security researcher.
Last week a modified version of the Mirai worm targeted and disrupted the broadband routers of some TalkTalk and Post Office broadband customers, leaving some without internet access.
Now security researcher Ken Munro, from Pen Test Partners, claims he has studied one of the affected routers and alleges that a follow-up attack on the device involving the same malware was being used to access the password associated with the router, placing consumer security at risk.
However, TalkTalk has denied the claims and said that no personal customer information is at risk.
“As is widely known, the Mirai worm is an industry issue, affecting many ISPs around the world,” a spokesman for the firm said.
“A small number of TalkTalk customers have been affected, but we can reassure customers that no personal information is at risk.
“If customers have an issue connecting to the internet, they should visit our help site where they can find a guide that will show them how to reset their router.”
However, Munro claims that since many users do not change the default password on their device they remain vulnerable.
“Nearly all customers never change their WiFi key from that written on the router. Why would they? I’ll bet many don’t even realise they can,” he said.
“So, the Annie (Mirai) worm and hackers have already stolen their WiFi keys, and the TalkTalk fix simply resets the router, to the exact same keys that have already been stolen.”
Munro added that a “mitigating factor” in any further attack on customers was that hackers would need to be within close range of the router to compromise the WiFi network, but said online databases exist that can reveal a router’s location if the Service Set Identifier (SSID) code is known – a code he alleges was also stolen with passwords.
But TalkTalk also denied there was any issue with user passwords, saying in its statement that “there is no need for customers to reset their WiFi password”.