TalkTalk’s Databreach Made Secret, Exposed In A Google Search
Having the Google search engine is a blessing for many people who are searching for answers to whatever questions they may have. However, for the telecommunication conglomerate TalkTalk, having Google is a nightmare, as their data breach that they kept secret from their customers was inadvertently exposed by just a simple Google Search. An estimated 4,545 customer records were discovered by just a Google Search, which TalkTalk tried to hide from the public.
Styling itself as: “We do what’s right. We’re also passionate about keeping our teams engaged, happy and proud to work here. It’s all about empowering customers through great TalkTalk technology, and great TalkTalk people.” With leaving the customers in the dark, the company may be subjected to a penalty by the United Kingdom.
The data breach issue was not disclosed by the conglomerate, and it was also unreported to the ICO (UK”s Information Commissioner’s Office), which according to law should receive all reports of data breaches in accordance to the Data Protection Act of 1998. It was later found out through a Google search that the data leak includes personally identifiable information like customer full name, birthdate, address, account numbers, financial information, and contact information. Due to the news blackout fiasco, TalkTalk was forced to issue letters of apology to the affected customers of the 2015 data breach, the origin of the data came from the conglomerate’s own database.
“The 2015 incident impacted 4% of TalkTalk customers and at the time, we wrote to all those impacted. In addition, we wrote to our entire base to inform them about the breach, advise them about the risk of scam calls and offer free credit monitoring to protect against fraud. A recent investigation has shown that 4,545 customers may have received the wrong notification regarding this incident. This was a genuine error and we have since written to all those impacted to apologize. 99.9 percent of customers received the correct notification in 2015. On their own, none of the details accessed in the 2015 incident could lead to any direct financial loss,” explained a TalkTalk representative.
Security experts expressed their concern of companies not being honest when it comes to the welfare of their customers. Even though bad for the reputation of the company at first, customers will appreciate if companies that encounter trouble can face the music by being honest with their customers.
Julia Sowells886 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.