TalkTalk fined £100,000 as “rogue staff” grab customer data

TalkTalk fined £100,000 as “rogue staff” grab customer data

Wednesday, 16 August, 2017

TalkTalk are the latest ISP to be slapped with a six-figure fine after failing to keep customers’ data safe.

The Information Commissioner’s Office laid the £100,000 fine on TalkTalk after finding the firm risked personal data falling into the hands of hackers, con-men and scammers.

An ICO investigation found that TalkTalk staff had wide access to its customers personal details. Lax security measures also made it more likely that ‘rogue employees’ could take advantage of valuable data relatively easily.

Staff – including outside IT consultants – could log into TalkTalk’s systems from any internet-enabled device and view up to 500 customer records at a time.

The failings came to light in September 2014 when customers began complaining to TalkTalk that they were getting multiple scam calls.

Scammers usually pretended they were tech support for TalkTalk and had correct customer numbers and addresses.

TalkTalk put the personal data of 21,000 customers at risk, the ICO ruled.

TalkTalk blamed “rogue employees” at Indian IT support firm Wipro, who were supposed to be resolving high-level complaints, for stealing customer data.

Around 40 employees at the outside contractor had wide-ranging access to the personal details of between 25,000 and 50,000 TalkTalk customers.

The ICO found this level of access was unjustifiably wide-ranging and put the data at risk.

Information Commissioner Elizabeth Denham said: “TalkTalk may consider themselves to be the victims here. But the real victims are the 21,000 people whose information was open to abuse by the malicious actions of a small number of people.

“TalkTalk should have known better and they should have put their customers first.”

Tom Rodgers author picture


Tom is a tech journalist and former Editor at

News What's the story?

Keep up with the latest developments in UK broadband.

Google’s cloud gaming service to launch in November

More details about Stadia's release, requirements, and expectations.

Google’s cloud gaming service to launch in November Read more

Three launches 5G, EE complains about it

Three's marketing angers competitors over "false" 5G claims.

Read more

KCOM buyout means more fibre for Yorkshire

Hull's homegrown ISP sells for more than half a billion.

Read more

Virgin gigabit trials begin in Southampton

Nationwide gigabit takes a big step forwards with Virgin's new network upgrade.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

How to get the best student broadband

How to get the best student broadband Read more

Broadband Jargon Buster

Get to grips with some commonly misunderstood tech terms!

Read more

Signs your computer may have a virus

Read more

What are the risks of using public WiFi?

Read more
Back To Top