Cyber Security Lead at Mishcon de Reya comments on TalkTalk's record fine over cyber attack
Comment for immediate release
Commenting on TalkTalk's fine for poor website security leading to the theft of the personal data of almost 157,000 customers, Mishcon de Reya's Cyber Security Lead Joe Hancock said:
"The fine against TalkTalk is the biggest to date as a result of the company not implementing basic levels of protection. It is clear that security has not always been prioritised in the way it is now.
"However £400,000 is still a relatively small fine compared to the potential fines that will be levied under the General Data Protection Regulation (GDPR) - the greater of up to 4% of global turnover or €20 million. For TalkTalk this could have been over £70 million.
"We expect to see further examples made of companies who fail to take cyber security as seriously as they would other risks. Implementing basic cyber security protections will go a long way to protecting customers data and company reputations.
"The question now remains whether the responsibility for the fine is with TalkTalk itself, or should be shared between their service providers and suppliers. These issues are likely to become more pressing as the size of fines increases under GDPR."
For more information: firstname.lastname@example.org