This case (907699) is documented in Advisen’s Cyber Loss DataOn October 5, 2016, the Information Commissioner’s Office (ICO) fined the telecommunications company TalkTalk £400,000. This was done for failure by TalkTalk to protect customer data. It was said that a hacker could retrieve TalkTalk’s customers’ details “with ease”. Investigation revealed TalkTalk’s breach as having transpired between 15 and 21 October, 2015. Investigators said that it may have been avoided. The ICO specified that TalkTalk should have implemented rudimentary protective measures. Instead, technical weaknesses were exploited. 156,959 customers’ names, addresses, dates of birth, phone numbers, and email addresses were unlawfully exposed. 15,656 clients also had bank account details and sort codes shown. The ICO said that TalkTalk was responsible for basic security measures to protect personal data. ICO maintained this failure was a breach of obligations TalkTalk had under the seventh principle of the Data Protection Act. Company DataTalkTalk Telecom Group PLC is headquartered in the United Kingdom. NotesAdvisen data consists of publicly verifiable source material. Source material for this case may be found at the ICO. License Advisen’s loss data to discover clash analytics, other losses associated with this company, and loss data on similar organizations. Define your own peer group of companies by choosing the size, revenue band, location, and other characteristics of a set of enterprises to examine. Risk professionals rely on Advisen to inform their models and advise their clients. |
