TALKTALK DISCLOSURE FIASCO
If you thought that Yahoo made a fist of disclosing the biggest breach in history, TalkTalk managed to make them look like PR experts. The company fell victim to a SQL injection attack that enabled a cyber attacker to access data on 156,959 customers over a week in October 2015.
The Information Commissioner ruled TalkTalk had failed “to implement the most basic cybersecurity measures” and fined the firm a record-breaking £400,000. But, the real impact of this attack was that it revealed how unprepared in terms of incident response and disclosure TalkTalk had been.
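The defect class named above, SQL injection, comes down to building a query by pasting untrusted input into the SQL text. The following is an added illustration, not code from the article or from TalkTalk's systems: a constructed in-memory SQLite table of customers, a lookup that concatenates the input (the vulnerable pattern) and the same lookup using a parameterized query (the basic measure the ruling refers to). Table name, columns and sample rows are all assumptions made for the example.

```python
import sqlite3

# Constructed sample data for the example; not a real schema or real customers.
SAMPLE_CUSTOMERS = [
    ("alice@example.com", "Alice Example", "01234 567890"),
    ("bob@example.com", "Bob Example", "01234 567891"),
    ("carol@example.com", "Carol Example", "01234 567892"),
]


def build_db():
    """Create an in-memory SQLite database holding the constructed customers table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (email TEXT PRIMARY KEY, name TEXT, phone TEXT)"
    )
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", SAMPLE_CUSTOMERS)
    return conn


def lookup_vulnerable(conn, email):
    """Builds the query by string concatenation, so characters in the input
    become part of the SQL syntax. This is the defect class behind the breach."""
    query = "SELECT email, name, phone FROM customers WHERE email = '" + email + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, email):
    """Passes the value separately from the SQL text; the driver treats it
    strictly as data no matter which characters it contains."""
    query = "SELECT email, name, phone FROM customers WHERE email = ?"
    return conn.execute(query, (email,)).fetchall()


if __name__ == "__main__":
    conn = build_db()
    normal = "alice@example.com"
    # A value carrying a quote and an always-true condition. No legitimate
    # e-mail address looks like this, which also makes it a useful thing to
    # alert on in request logs.
    crafted = "x' OR '1'='1"
    print(len(lookup_vulnerable(conn, normal)))       # 1 row, as intended
    print(len(lookup_vulnerable(conn, crafted)))      # every row: the whole table is exposed
    print(len(lookup_parameterized(conn, crafted)))   # 0 rows: no such e-mail exists
```

The point of the comparison is that the parameterized version needs no input filtering to be safe: the database engine never parses the value as SQL, so the same string that dumps the whole table through the concatenated query simply fails to match any row. Encrypting the stored fields, which the article goes on to discuss, is a separate control that limits what an attacker gains if a query is nonetheless subverted.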
Initially, it claimed the site was unavailable due to technical issues, and it wasn’t until 24 hours later that it admitted that an attack may have compromised customers’ data. Then things got really weird: the media were told that a distributed denial-of-service (DDoS) attack might have been responsible for the data compromise (a DDoS disrupts service rather than extracting data, so this was not possible), and this was followed by TalkTalk CEO Dido Harding insisting that the stolen data wasn’t encrypted and that the company was not legally required to encrypt it.
“This breach highlights the importance of planning and preparing your incident response ahead of time,” said Steve Lamb, head of cyber consulting for Europe at Rapid7. “Having processes and tech in place to detect the early signs of a breach really come into their own in a crisis. Effective and timely communications are important as misinformation simply makes matters worse.”