1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

TalkTalk had 'no legal obligation' to encrypt customers' sensitive data

Discussion in 'Network World' started by RSS, Oct 26, 2015.

  1. RSS

    RSS New Member Member

    Potentially as many as four million customers were affected by the cyberattack on UK telecoms provider TalkTalk, yet the company’s CEO Dido Harding admitted that TalkTalk was “not legally required” to encrypt customer data. Harding told the Sunday Times “[Our data] wasn't encrypted, nor are you legally required to encrypt it. We have complied with all of our legal obligations in terms of storing of financial information.”

    While that may be true, such a statement provides little comfort to TalkTalk customers who are targets of high-level social engineering attacks meant to empty their bank accounts.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page