A DDoS attack appears to have been used as cover to conduct a massive theft of 4 million customer records from telecoms provider TalkTalk.
Intel Security’s CTO EMEA Raj Samani said: "Initial reporting suggests that this attack leveraged DDoS as a potential smokescreen to hide the cyber criminals’ ultimate goal – data theft on a huge scale. While it is too early to draw conclusions, we know from previous incidences, such as Operation Troy, that this tactic has been successfully used in the past."
The breach has potentially resulted in the theft of personal information, including bank and credit card details, from all 4m customers.
TalkTalk said in a statement that their website had suffered a "a significant and sustained cyberattack on our website."
CEO Dido Harding said in a broadcast interview that the alarm was first raised in the firm when its website began running slowly.
The Metropolitan Police has confirmed that it is investigating the attack.
TalkTalk is owned by Carphone Warehouse, which has been the victim of a breach in August.