October 5, 2016
TalkTalk has been fined a record £400,000 for poor website security which led to the theft of the personal data of nearly 157,000 customers.
The cyber attack on its website took place in October last year.
The Information Commissioner’s Office, which imposed the fine, said security was so poor that the attack succeeded “with ease”.
TalkTalk said the fine was “disappointing” as it had “co-operated fully” with the investigation.
“The TalkTalk attack was notable for our decision to be open and honest with our customers from the outset. This gave them the best chance of protecting themselves.”
The fine is the largest yet imposed by the ICO, which under its powers could have imposed a maximum fine of £500,000.