TalkTalk fined £400k in customer data theft probe

TalkTalk has been fined £400,000 for below-par online security after more than 150,000 customers' personal data was stolen.

TalkTalk is sponsoring this year's 'The X Factor' series for a tenth time
TalkTalk is sponsoring this year's 'The X Factor' series for a tenth time

The telecoms company suspended all its advertising, including its sponsorship of ITV’s The X Factor, during the cyber attack last October. At the time it was Britain’s seventh biggest advertiser with an estimated annual adspend of more than £90m.

The Information Commissioner, Elizabeth Denham, criticised TalkTalk for having failed to implement basic cyber security measures which "allowed hackers to penetrate TalkTalk’s systems with ease". 

She added: "TalkTalk should and could have done more to safeguard its customer information. It did not and we have taken action." 

In a statement, TalkTalk said the fine was disappointing and that it had co-operated fully with the Information Commissioner Office’s investigation. 

It is the largest fine imposed by the ICO, which has the power to impose a maximum fine of £500,000.

The attack cost TalkTalk £42m, the company said in May, and 101,000 subscribers had since left.

The ICO’s report said TalkTalk was using out-of-date database software which had held details of customers inherited from the 2009 takeover of Tiscali. The hacker obtained customers’ details by attacking three vulnerable web pages.

A police investigation of the data theft is still ongoing and six people have been arrested.

Topics

Before commenting please read our rules for commenting on articles.

If you see a comment you find offensive, you can flag it as inappropriate. In the top right-hand corner of an individual comment, you will see 'flag as inappropriate'. Clicking this prompts us to review the comment. For further information see our rules for commenting on articles.

comments powered by Disqus