“TalkTalk’s failure to implement the most basic cyber security measures allowed hackers to penetrate TalkTalk’s systems with ease. Yes hacking is wrong, but that is not an excuse for companies to abdicate their security obligations. TalkTalk should and could have done more to safeguard its customer information. It did not and we have taken action.”
– UK ICO’s Elizabeth Denham, 5th October 2016.
TalkTalk Data Breach
UK ICO’s enforcement actions include fines against law enforcement agency after interview disk went missing and individual health practitioner for unlawfully accessing a patient medical records without a valid legal reason.
The highest profile is undoubtedly the £400,000 fine against TalkTalk, close to the maximum fine of £500,000 ICO is empowered to apply, for contraventions of Data Protection Act 1998.
TalkTalk’s failure to properly protect customer data from a cyber attack resulted in a breach of personal data of 156,959 customers, including names, addresses, dates of birth, and in many cases, bank account details and sort codes…Click here to read full article.