TalkTalk cyber attack a 'car crash' which should warn industry, says watchdog

Updated

The cyber attack on TalkTalk which resulted in the personal data of tens of thousands of people being accessed, was a "car crash" which should send a warning to the industry, a watchdog has said.

Information Commissioner Christopher Graham said the data breach should "put the fear of God" in to other telecoms firms and make them check their own systems for vulnerabilities.

"Any other company with half a brain should be checking their systems now to make sure they don't land up in the same situation," he told MPs.

The details of almost 160,000 customers were accessed following the attack on October 21, and five people have been arrested in connection with it.

Mr Graham told the Culture, Media and Sport select committee his office was carrying out six investigations into the telecoms firm, including the probe into the October 2015 incident.

"The key message has really got to be to companies - 'there but for the grace of God', see what a car crash there was," he said.

"TalkTalk is just an example of what could go wrong."

Mr Graham added that although his office could only impose fines of up to £500,000, the real damage was to the reputation of firms found not to have taken care of sensitive data.

"It is very clear that consumers place a very high priority on the security of their personal information with companies, and they pick and choose," he said.

"When they form a view that a company isn't taking things seriously they simply shop elsewhere."

He added: "This is the big threat of our times and certainly should be high on the risk register but companies should be taking active steps to test their own systems, see whether they can break into their own system from outside."

Advertisement