12-01-2022 12:17 AM - edited 12-01-2022 12:37 AM
Tonight, 11 January 2022, the Privacy Manager for TalkTalk Mail was changed. No advance notice was given of planned maintenance.
The introduction of a new Privacy Manager, iDWard, caused blocking issues. Blocking users from signing in to TalkTalk Mail, unless using ad/tracker-blocking, and the iDWard logo, positioned bottom left, totally blocking the << toggle function for the Folder view.
On selecting the iDWard logo and then selecting Manage Settings: https://data-account-web.id-ward.com/?idw-error-type=hydra-error&idw-error=timeout
iDWard was later removed.
on 20-01-2022 12:49 PM
on 13-01-2022 10:47 AM
In my opinion the advertising team, if that's who are controlling this activity, having unrestricted access to the TalkTalk Mail production platform is damaging to TalkTalk's reputation.
The previous incident showed evidence of email addresses being captured. This latest incident locked users out of the platform and lost a view function.
on 13-01-2022 09:13 AM
12-01-2022 12:59 PM - edited 12-01-2022 02:09 PM
The blocking of access to sign in to webmail did get reported to the Incidents team and was noted as incident INC000100214242 on Service Status overnight.
Whoever is responsible for implementing iDWard will know.
I'm more concerned about the reference to the hydra error in connection with the idw error because hydra is a known network password cracker. Could be something else but are TalkTalk Security aware of this incident?
on 12-01-2022 12:53 PM
Hi Gondola, we weren't aware of anything happening last night and I've checked with the managers they weren't aware of anything either.
I'll see what information we can get.
on 12-01-2022 09:53 AM