The most recent TalkTalk data breach, the latest in a string of cyber security attacks across the globe, not only urges customers to think about the safety of their information, but also encourages organisations to reconsider their backup and archive storage activities.
TalkTalk has asserted that only its website was attacked –not its core systems. This would mean only partial credit card numbers were exposed, making them theoretically useless to cyber criminals. Customers are disagreeing, saying that their credit cards and bank cards have been targeted since the attack.
The latest breach is the third in a spate of cyber-attacks affecting the company in the last eight months. In August its mobile sales site was hit. In February customers were warned about scammers who stole thousands of names and account numbers from TalkTalk computers.
TalkTalk may also face huge fines as a result of its cyber security attack. Though the recent Sony attack cost the media giant around $8 million, TalkTalk may face charges high enough to put the business in jeopardy. The data breach is under investigation by the Information Commissioner’s Office (ICO), which is currently empowered to impose a monetary penalty of up to £500,000 if TalkTalk is found guilty of severe data protection failings.
We also know that the data breach may have included a ransomware component. Officers are examining a ransom demand sent by someone claiming to be responsible for the attack and seeking payment – but TalkTalk said it is not yet clear if the message is genuine.
Scotland Yard and the National Crime Agency have launched investigations, and one arrest has been made so far.
A TalkTalk-like fiasco can be avoided by your organisation. Don’t allow all of your data to reside online in the cloud. Instead, employ a hybrid storage approach that ensures you keep at least one copy living offline and offsite—out of the physical reach of those who would do your business harm. For tips on how to choose a smart storage solution, download our free whitepaper: “Tape and Cloud: More than a Marriage of Convenience.”
I’ll leave you with a quote from Dido Harding, Chief Executive of TalkTalk, who says: “Digital safety is no different to physical safety. You can do your upmost to minimise it. You can arm yourself to protect yourself, but in the end there are criminals everywhere and that’s the way of the world. It’s usually tempting to say there will never ever be another attack but that would be naive.”
Where does your data live?