In 2015, TalkTalk suffered from a data breach. While fines have been levelled, customers are still feeling the consequences.
We’ve reported on two data breaches already this month. First, there was the data breach which saw companies like Toshiba, Porsche, and BT having their customer information exposed. Then, there was the mysterious data breach that saw 40% of the entire population of Australia exposed.
Both of these breaches, like almost every other breach, are serious in nature. People’s personal information are, indeed, being exposed. Security experts have no problem explaining that this kind of information can be used by spammers and identity thieves (depending on what kind of information is exposed). Certainly, outlets can report on such major breaches. Outlets also can easily report on high profile arrests or major fines levied against companies after a breach took place. Sometimes, we even hear about class action lawsuits as well.
Of course, once the headlines die out, it doesn’t mean that the information simply vanishes into thin air. That data still quietly drifts around the dark recesses of the Internet waiting to be downloaded or bought and sold. Years after a breach takes place, people can still feel the consequences of a data breach. After all, it is innocent people that are being screwed over in the end.
That’s what makes a recent BBC article such an informative read. In 2015, TalkTalk suffered a data breach. Over 100,000 customers information was exposed. A fine was issued against TalkTalk that, at the time, was huge. Reading through the article, it seems that TalkTalk feels that they have moved on. Of course, data thieves and spammers certainly haven’t with such a trove of information. A couple of people spoke to the BBC of what they have experience since the breach:
For the last two years Alan, not his real name, has had his phone, email and bank account bombarded with a series of fraudulent attacks.
Whilst Alan will never know if the attacks were a direct result of the TalkTalk data breach, he feels the details leaked are enough to allow fraudsters to impersonate him.
Alan said he felt “extremely uncomfortable” after Watchdog Live showed him that they were able to find his bank account number, sort code and other personal information online.
“I think they’ve failed their customers on a gigantic scale,” he added.
Watchdog Live also spoke to Maureen, not her real name, who was shocked to discover that her details were breached in 2015.
At the time, Maureen was told by TalkTalk that her details had not been stolen.
Maureen has been in touch with TalkTalk on multiple occasions, most recently in May of this year, to raise concerns that her details had been compromised.
But TalkTalk continued to insist that they hadn’t. Watchdog Live’s investigation found Maureen’s sensitive data through a simple online search.
Maureen told the programme: “I’ve been asking this question since 2015. I’m suffering now for something that I know nothing, absolutely nothing, about.
“I knew something was not right and I kept insisting and they avoided every single time I asked the question ‘have my details been compromised?'”
This article is quite extensive on what happened with the breach and the lingering consequences of the breach. These customers did nothing wrong throughout this incident, had no role in securing the information at TalkTalk as far as the breach is concerned, and yet they are still suffering the consequences four years later.
Of course, while a simple Google search would almost suggest that no one is doing anything about the information floating around online, removing that information from the web is pretty much impossible. The damage is already done.
So, when we talk about data breaches and leaks – especially cases that involve information that can be used to steal someones identity – we know lives can be damaged or ruined. It’s not just a number. It’s innocent people that are being hurt in the end. With these incidences happening on a very routine basis, it stands to reason that we are going to continue to have more and more incidences of people suddenly having to fend of phishing attacks and identify theft attempts. It’s a big problem with no resolution in sight for the time being.