It has been almost a year since TalkTalk suffered a huge cyber attack, in which the personal information of over 150,000 customers was stolen. Now, the UK-based ISP has to face the consequences, as the firm has been fined a record £400,000 for poor security practices, which left consumer data inadequately protected.
The fine has been imposed by the Information Commissioner after an investigation revealed that TalkTalk's security simply wasn't up to snuff, to the point where the attackers were able to obtain access “with ease”. While the personal information of over 150,000 customers was stolen, 16,000 customers also had bank details stolen.
The commission said in its press release that “TalkTalk’s failure to implement the most basic cyber security measures allowed hackers to penetrate TalkTalk’s systems with ease. Yes hacking is wrong, but that is not an excuse for companies to abdicate their security obligations. TalkTalk should and could have done more to safeguard its customer information. It did not and we have taken action.”
“Today’s record fine acts as a warning to others that cyber security is not an IT issue, it is a boardroom issue. Companies must be diligent and vigilant. They must do this not only because they have a duty under law, but because they have a duty to their customers.”
Discuss on our Facebook page, HERE.
KitGuru Says: Last year's TalkTalk hack was big news at the time, especially with the amount of people affected. Hopefully this sort of fine will prompt other companies to double down on cyber security in order to properly protect customers.