The Talk Talk hack is shaping up to be an interesting case ….
It is important to remember firstly that they are the victims of a crime, not the perpetrators of one. It’s also (as we write this) much, much too early to offer any kind of diagnostic view or look to judge the reasons for this leak (or apportion blame).
We don’t yet know all the details – but that hasn’t stopped a media frenzy.
On the positive side, it looks like they spotted this hack really fast – the attack was Wednesday (it is reported) and by Thursday they had already escalated to the point where they had got the police involved and gone public.
However, the detection might have been quick; but not quite fast enough to quarantine affected systems or block data losses as they were occurring. This is the real trick – to go from detecting a breach quickly enough to respond (as in this case) to detecting it quickly enough to prevent it.
Talk Talk reportedly can’t say yet what data was involved but they are (fairly sensibly) assuming the worst and giving advice – this could be called a diagnostic failing or a “playing safe” PR strategy, but it is early days and to their credit the level of communication and openness thus far is probably the right strategy. Nonetheless, their share price took an early beating on the stock market.
Every business makes risk management decisions, if an attacker finds a way around those then there is a potential for even a carefully business to be hacked. That doesn’t necessarily imply negligence or under-investment (in this case it is much too early to level those sorts of accusations).
What is clear, once again, is the scale of the problem businesses face – this is by no means the worst hack we’ve seen, or the most badly handled – yet it’s still got them all over the media, worried their customers and impacted their share price. You have to wonder how many businesses out there have been hacked and have gone un-noticed.« Back to Huntsman News & Media Articles