- The Washington Times - Wednesday, November 4, 2015

A cybersecurity breach suffered last month by TalkTalk, a British telecommunications company, has become the focus of an official parliamentary inquiry following reports that a fourth person has been arrested in connection to the hack, lawmakers announced Wednesday.

In light of last month’s breach — an intrusion originally thought to have compromised the personal data of upwards of 4 million customers of the London-based telecom — the U.K.’s Culture, Media and Sport Committee said it’s now examining the circumstances surrounding the hack and the wider implications involved.

“The recent events have highlighted serious issues relating both to existing cybersecurity and the response to cybercrime,” committee chair Jesse Norman, a Member of Parliament, said in a statement this week.

Last month’s breach was the third intrusion suffered by TalkTalk in less than a year, and initially was said to have allowed the personal details and bank records pertaining to more than four million customers to become compromised.

The scope of the cyberattack has since been significantly downgraded by TalkTalk, whose CEO said last week that fewer than 21,000 bank account numbers and 1.2 million contact details had actually been hacked.

“Today we can confirm that the scale of attack was much smaller than we originally suspected, but this does not take away from how seriously we take what has happened and our investigation is still ongoing,” said CEO Dido Harding.

British authorities made their fourth arrest Tuesday in connection with the case, apprehending a 16-year-old Norwich boy. Three others from the U.K. — ages 15, 16 and 20 — had already been arrested.

According to the committee’s announcement this week, parliamentarians want experts to submit statements regarding the robustness of the security measures currently used to protect consumers’ digital data, as well as the role and importance of encryption in protecting that data and “the adequacy of the supervisory, regulatory and enforcement regimes currently in place to ensure companies are responding sufficiently to cybercrime.”

The committee plans to hear evidence regarding the inquiry later this month.



Click to Read More

Click to Hide