News and Events



TalkTalk' s security breach: a 21st century cautionary tale

View profile for Casian Sala

TalkTalk’s security breach: a 21st century cautionary tale


Many of us will have winced sympathetically as TalkTalk’s Chief Exec Dido Harding was grilled for the hundredth time by newsreaders on every channel over their catastrophic security breach. In what was one of the largest cyber hacks in British history, up to four million of TalkTalk’s customers’ data was stolen, leading to scam calls from cyber-criminals looking to secure information on bank accounts.

TalkTalk’s share price plummeted, as it appeared that the phone company was unable to say quite how many customers had been affected – or even to confirm to anxious account-holders whether their details were safe. And it gets worse: it looks as if TalkTalk are to face rather more piercing questions from the cross-party home affairs committee, with committee chairman Keith Vaz making dark noises about a cover-up of an ‘alarming and unacceptable’ crime.

This latest breach of security for TalkTalk (there had been two previous incidents) was by far the worst, with a couple of teenagers eventually arrested on suspicion of having instigated the attacks – and having sent Dido Harding a ransom demand. It would appear that there had been one key failure on the part of TalkTalk: they had not encrypted customers’ data.

This oversight led to customers allowing cyber-criminals to gain remote access to their laptops – a security nightmare which you’d think was straight out of a Hollywood thriller. As Keith Vaz has pointed out, the TalkTalk case is not isolated, but part of a rather alarming picture of widespread cyber attacks. He said, “The Home Affairs Select Committee concluded in 2013 that we were not winning the war on e-crime, and it is disappointing to see that this is still very much the case.” At Legastat, we know that the benefits of embracing legal tech come with serious risks

. Law firms - as holders of significant sums of client money and sensitive client data – are a key target for cyber criminals, and it is essential that the use of tech innovations such as eDisclosure, eDiscovery, digital bundles and Cloud storage are matched with a rigorous cyber security strategy. If you are looking for expert advice on how to use legal tech without compromising the cyber security of you and your clients, call the expert litigation support professionals at Legastat now.