Home / Software & Gaming / Security / TalkTalk fined £400,000 for poor security practises

TalkTalk fined £400,000 for poor security practises

It has been almost a year since TalkTalk suffered a huge cyber attack, in which the personal information of over 150,000 customers was stolen. Now, the UK-based ISP has to face the consequences, as the firm has been fined a record £400,000 for poor security practices, which left consumer data inadequately protected.

The fine has been imposed by the Information Commissioner after an investigation revealed that TalkTalk's security simply wasn't up to snuff, to the point where the attackers were able to obtain access “with ease”. While the personal information of over 150,000 customers was stolen, 16,000 customers also had bank details stolen.

talktalk_logo_0

The commission said in its press release that “TalkTalk’s failure to implement the most basic cyber security measures allowed hackers to penetrate TalkTalk’s systems with ease. Yes hacking is wrong, but that is not an excuse for companies to abdicate their security obligations. TalkTalk should and could have done more to safeguard its customer information. It did not and we have taken action.”

“Today’s record fine acts as a warning to others that cyber security is not an IT issue, it is a boardroom issue. Companies must be diligent and vigilant. They must do this not only because they have a duty under law, but because they have a duty to their customers.”

Discuss on our Facebook page, HERE.

KitGuru Says: Last year's TalkTalk hack was big news at the time, especially with the amount of people affected. Hopefully this sort of fine will prompt other companies to double down on cyber security in order to properly protect customers.

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems.