BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

TalkTalk cyber attack a ‘car crash’ which should warn industry, says watchdog

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 28 Jan 2016 18:57:56 -0700
http://business-reporter.co.uk/2016/01/27/talktalk-cyber-attack-a-car-crash-which-should-warn-industry-says-watchdog/

Information Commissioner Christopher Graham said the data breach should
“put the fear of God” in to other telecoms firms and make them check their
own systems for vulnerabilities.

“Any other company with half a brain should be checking their systems now
to make sure they don’t land up in the same situation,” he told MPs.

The details of almost 160,000 customers were accessed following the attack
on October 21, and five people have been arrested in connection with it.

Mr Graham told the Culture, Media and Sport select committee his office was
carrying out six investigations into the telecoms firm, including the probe
into the October 2015 incident.

“The key message has really got to be to companies – ‘there but for the
grace of God’, see what a car crash there was,” he said.

“TalkTalk is just an example of what could go wrong.”

Mr Graham added that although his office could only impose fines of up to
£500,000, the real damage was to the reputation of firms found not to have
taken care of sensitive data.

“It is very clear that consumers place a very high priority on the security
of their personal information with companies, and they pick and choose,” he
said.

“When they form a view that a company isn’t taking things seriously they
simply shop elsewhere.”

He added: “This is the big threat of our times and certainly should be high
on the risk register but companies should be taking active steps to test
their own systems, see whether they can break into their own system from
outside.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Need access to data breach details or alerts when new breaches happen? Risk Based Security's Cyber Risk Analytics 
portal, fueled by the RBS breach research team, provides detailed information on how data breaches occur and which 
vendors to trust. Contact us today for a demo.
Previous By Date Next
Previous By Thread Next

Current thread: