CIO
2.6K views | +0 today
Follow
Your new post is loading...
Your new post is loading...
Scooped by Pál Kerékfy
Scoop.it!

Personal data belonging to up to 21,000 TalkTalk customers could have been used for scams and fraud

Personal data belonging to up to 21,000 TalkTalk customers could have been used for scams and fraud | CIO | Scoop.it
From ico.org.uk - 16 August 2017, 08:30
The Information Commissioner’s Office has fined TalkTalk Telecom Group PLC £100,000 after it failed to look after its customers’ data and risked it falling into the hands of scammers and fraudsters.

 

An ICO investigation found TalkTalk breached the Data Protection Act because it allowed staff to have access to large quantities of customers’ data. Its lack of adequate security measures left the data open to exploitation by rogue employees.

Pál Kerékfy's insight:

A lényeg az, hogy pusztán a lehetőség, hogy illetéktelen alkalmazottak sok-sok ügyfél adataihoz hozzáférhetnek, ok lehet a büntetésre. Ebben az esetben egy indiai alvállalkozó cég három alkalmazottja listázta 25-50 ezer ügyfél adatait. Az nem bizonyosodott be, hogy az adatokat valóban fel is használták.

Érdekes, hogy majdnem három év telt el az eset napvilágra kerülése és a büntetés kiszabása között.

Az indoklás szerint: “TalkTalk had ample opportunity over a long period of time to implement appropriate measures, but it failed to do so. It should have made sure the portal could only be accessed from authorised devices and could have taken steps to prevent large-scale accessing and exporting of personal data through the portal.”

@TalkTalk @ICONews #UK #ICO #TalkTalk #databreach #GDPR

more...
No comment yet.
Sign up to comment
Scooped by Pál Kerékfy
Scoop.it!

TalkTalk hit by record £400,000 fine over data breach

From www.computerweekly.com - 5 July 2017, 08:00
TalkTalk has been hit with a record £400,000 fine for the cyber attack last year that exposed personal details of more than 150,000 customers.

The record fine acts as a warning to others that cyber security is not an IT issue, it is a boardroom issue. Companies must be diligent and vigilant. They must do this not only because they have a duty under law, but because they have a duty to their customers.

Pál Kerékfy's insight:

Nos, itt egy példa arra, hogy sok pénzbe kerül, ha az évtizede ismert hibával nem foglalkozunk, pedig viszonylag könnyen és olcsó javítható. Helyette lehet a százmilliós büntetést fizetni...

Ez nem az első ilyen eset volt a TalkTalk esetében, ez is oka a hatalmas büntetésnek. http://www.computerweekly.com/news/4500256046/TalkTalk-warns-customers-about-personal-data-breach

#ComputerWeekly #cybersecurity #security #SQL #patching #TalkTalk

@computerweekly

more...
No comment yet.
Sign up to comment
About Follow us How it Works Legal Mobile Features
Facebook
Twitter
LinkedIn