The latest security breach at TalkTalk – the third in a year – is without doubt the most serious to hit the firm and its subscribers – potentially its entire 4m customer base are now at risk of their personal and financial data being misused.
London’s Metropolitan Police, which has been bolstering its efforts to tackle cybercrime in recent months, have launched an investigation into the incident which follows the previous leaking of customer data from one of the firm’s overseas call centres.
TalkTalk insists that it takes the security of customer data “very seriously” and yet it’s impossible not to notice that the firm keeps losing it.
The reputational damage caused by the latest incident is going to be severe and, hopefully, long-lasting but it won’t be enough for current and future customers to have full confidence that the firm will take the action necessary to ensure it’s the final time confidential data walks out of its call and data centres.
What’s now needed is for the UK’s Information Commissioner and, should any customers sue for resulting losses, the courts to impose fines which are as close to ruinous as it’s responsible to levy.
And Ofcom which in recent months seems to have become fixated on a single issue – the forced separation of BT and Openreach – needs to start delivering on its core job of protecting consumers by insisting that all TalkTalk customers are able to walk away from their contracts without penalty.
Heavy fines and a mass customer exodus will ensure that TalkTalk and other UK firms really do start taking the protection of customer data seriously.