TalkTalk fined for failure to prevent cyber attack: Report

0
838
TalkTalk fined for failure to prevent cyber attack: Report
TalkTalk fined for failure to prevent cyber attack: Report

TalkTalk has been fined ($510,000) over website security failings which led to the theft of almost 157,000 customer’s data last year.

The telecommunications company’s “failure to implement the most basic cyber security measures allowed hackers to penetrate TalkTalk’s systems with ease,” U.K. Information Commissioner Elizabeth Denham said in a statement. Police have arrested at least six people in relation to the attack.

Hackers accessed the personal data of about 150,000 TalkTalk customers, including names, addresses, dates of birth, phone numbers and e-mail addresses. The company’s shares lost 19 percent after details of the incident were disclosed, before recovering on news that the impact was smaller than initially feared.

READ  Microsoft Speech Recognition: Better Than a Human? "Details"

TalkTalk said it had been open and honest about the breach and had cooperated fully with the ICO probe.

“While this is clearly a disappointing decision, we continue to be respectful of the important role the ICO plays in upholding the privacy of consumers,” the company said in a statement.

READ  Taiwanese Scientists Pilot a Drone Using an Apple Watch

The ICO said TalkTalk failed to scan for possible threats after taking over Tiscali SpA’s U.K. operations in 2009 and was unaware of vulnerable web pages. TalkTalk was also unaware it was using outdated software and had it been updated, the bug would have been fixed, the ICO said.

The fine is “little more than a sting to TalkTalk’s finances,” said Mark Skilton, professor of practice at Warwick Business School and an expert on cybersecurity. “Even by factoring in the reported numbers of 157,000 personal details and, of those, the 16,000 who had bank details stolen, it still only equates to 2.50 pounds per head, or 25 pounds per person who lost banking data.”

READ  This Windows 10 update fail has a fix that could cause more harm than good, Report

Authorities should “treat cyber security as a real corporate risk and not just a customer data mismanagement issue,” Skilton added.

Jean G. Thomas

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.