LONDON (Reuters) - Britain’s data protection regulator said on Wednesday it fined British broadband provider TalkTalk (TALK.L) 400,000 pounds for security failings that allowed hackers to launch a cyber-attack last year.
The Information Commissioner’s Office (ICO) said TalkTalk could have prevented the attack last October if it had taken basic steps to protect customers’ information, and described how the hackers accessed data “with ease”.
Information Commissioner Elizabeth Denham said TalkTalk should have done more to safeguard its customers.
“Today’s record fine acts as a warning to others that cyber security is not an IT issue, it is a boardroom issue,” Denham said in a statement.
The attack affected around four percent of the company’s 4 million customers and cost it around 60 million pounds.
Reporting by Sarah Young; editing by Stephen Addison