Following the hack of its website and theft of its customer data last week that may have affected as many as four million people, Talk Talk has hired on defence contractor BAE Systems to investigate how exactly those responsible were able to infiltrate TalkTalk’s systems. It will also be making recommendations on security that would provide better protections for consumers in the future, as TalkTalk has been criticised for its lack of certain safeguards.
The hack took place late last week and was confirmed after those claiming responsibility posted a selection of data that appeared to be from Talk Talk customers. It was later shown that the nefarious individuals behind the breach had stolen usernames, passwords, emails and in some instances even financial data. They went on to demand a ransom payment from Talk Talk to stop them releasing the data.
Although Talk Talk did initially claim that there should be no risk of money being stolen from customers affected by the hack, Reuters reports that some have had phony phone calls from people claiming to be from Talk Talk and missing money from their accounts.
BAE is primarily a military defence contractor. Source: Elliot Brown
Although criticism has been levied at Talk Talk for its allowing the security breach in the first place, others have suggested that had it encrypted all user data, the fall out would have been far less severe. It’s also prompted many to call for new regulations from the government about standards of data protection.
The UK does have the Britain’s Information Commissioner which is there to act as a watchdog when companies aren’t’ delivering adequate customer data security. It has the power to levy fines in instances of negligence, wilful or otherwise, so some are hoping it throws the book at Talk Talk as an example to others.
Discuss on our Facebook page, HERE.
KitGuru Says: Do you think Talk Talk should be fined for allowing its customer data to be copied away without much encryption protection?