Latest in Gear

Image credit: Getty Images

TalkTalk fined £100,000 for long-forgotten 2014 data breach

Before the cyberattack of 2015, there was another smaller-scale data breach.
187 Shares
Share
Tweet
Share
Save

Sponsored Links

Getty Images

Enough time has passed that TalkTalk has bounced back from its reputation-damaging data debacle of 2015, which saw hackers steal the personal details of over 150,000 of its customers. That earned the company a £400,000 fine from the UK's Information Commissioner's Office (ICO), and today an older data breach in 2014 has cost the company an additional £100,000. The ICO has handed TalkTalk the invoice as a slap on the wrist for failing to adequately protect customer details after third-party support staff were found to have gained "unauthorised and unlawful access to the personal data of up to 21,000 customers."

TalkTalk became aware something was up in September 2014 after customer complaints began rolling in. Scam callers had been targeting subscribers under the pretense of providing technical support, and knew their names, addresses, TalkTalk account numbers and, of course, their phone numbers. Ironically, these wannabe identity thieves had actually gleaned this information from a customer database belonging to Wipro, a company that resolves complaints and provides legitimate tech support on TalkTalk's behalf.

Upon lengthy investigation, TalkTalk discovered three Wipro employee accounts had been used to access customer details unlawfully. As it turned out, employees could access the data by logging in from any device with an internet connection, and simple search terms would allow staff to view and export the data of 500 customers at a time. It was this lax approach to data handling that the ICO found to be a breach of the Data Protection Act, hence the fine of £100,000 today.

This kind of breach is completely different to the "significant and sustained cyberattack" that hit the provider in 2015, but we imagine TalkTalk would just like to pay the piper and let us go back to forgetting this earlier breach ever happened.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
187 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best mobile devices for students

The best mobile devices for students

View
Sega is becoming its weird and wonderful self again

Sega is becoming its weird and wonderful self again

View
Riot Games settles class action lawsuit over sexist culture

Riot Games settles class action lawsuit over sexist culture

View
The best external graphics card enclosure

The best external graphics card enclosure

View
Americans are waiting three years to replace their phones, study finds

Americans are waiting three years to replace their phones, study finds

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr