TalkTalk, who was issued a £400,000 fine in October for its failure to prevent a 2015 hack, has now been hit with a £100,000 fine by the Information Commissioner’s Office for failure to to look after its customers’ data and leaving it at risk of falling into the hands of scammers and fraudsters:
An ICO investigation found TalkTalk breached the Data Protection Act because it allowed staff to have access to large quantities of customers’ data. Its lack of adequate security measures left the data open to exploitation by rogue employees.
The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were providing support for technical problems. They quoted customers’ addresses and TalkTalk account numbers.
Read more on the Information Commissioner’s Office.