UK service provider TalkTalk has been fined £100,000 (€110,500) by the Information Commissioner’s Office for failing to “look after its customers’ data”.
An ICO investigation found TalkTalk breached the Data Protection Act, as it allowed staff to access large quantities of customers’ data due to “lack of adequate security measures”.
This left data open to “rogue employees”, who could access customers details like names, addresses, phone numbers and account numbers.
The breach came to light in September 2014 after TalkTalk started getting complaints from customers that they were receiving fraudulent service calls, with scammers able to quoted customers’ addresses and TalkTalk account numbers, according to the ICO.
“TalkTalk may consider themselves to be the victims here. But the real victims are the 21,000 people whose information was open to abuse by the malicious actions of a small number of people,” said Information Commissioner, Elizabeth Denham. “TalkTalk should have known better and they should have put their customers first.”
TalkTalk’s own investigation found that three accounts used by India-based IT services and outsourcing company Wipro had been used to gain unauthorised and unlawful access to the personal data of up to 21,000 customers.
The ICO fined TalkTalk because it found it had breached the seventh principle of the Data Protection Act by not having appropriate technical or organisational measures in place to keep personal data secure.
Separately, TalkTalk was the victim of a cyber attack in October 2015, with the breach exposing customers’ email addresses, names and phone numbers, as well as bank account numbers and sort codes.
It later transpired that a 17 year-old boy was behind the hack. He was given a 12-month youth rehabilitation order after admitting seven offences related to the hacking in a hearing at Norwich Youth Court last year.
ICYMI: Sky Italia MD and programming chief to leave digitaltveurope.com/2021/04/22/sky… https://t.co/F03jVwNLr8
22 April 2021 @ 20:04:00 UTC
ICYMI: Viaplay subs jump by a quarter as @nent_group targets new markets digitaltveurope.com/2021/04/22/via… https://t.co/S9MNWmFqrl
22 April 2021 @ 19:15:00 UTC
ICYMI: @IBCShow confirms plans for 2021 event staging digitaltveurope.com/2021/04/22/ibc… https://t.co/fSQn724zz7
22 April 2021 @ 18:00:00 UTC
Horse & Country launches free service on Vizio SmartCast digitaltveurope.com/2021/04/22/hor… https://t.co/J7DSRu16Uf
22 April 2021 @ 17:30:00 UTC
.@Roku enters into Original programming, rebrands Quibi content digitaltveurope.com/2021/04/22/rok… https://t.co/Drwo6AHILD
22 April 2021 @ 17:00:01 UTC