TalkTalk's Sharing Customer Data But it Simply Doesn't Care

By Gary Cutlack on at

UK mobile network TalkTalk has been taking a rather odd stance on the security of its customers' data, adopting the standpoint that leaked files aren't its problem if they're on someone else's server.

The issue has come about due to a security breach at Greystone Telecom, a subsidiary of TalkTalk that services business users. Customer contracts, sales orders and business details were stored on a Microsoft server that allowed anonymous access, meaning Google's bots found their way in and cached a huge amount of confidential data.

TalkTalk's response was the staggering: "It's not one of our servers, so it's not our problem," because the data is being stored on a Demon internet server used by Greystone.

We suspect TalkTalk might be along with a more considered answer to the problem, once users implicated in the data hole realise what's happening. [The Register]

Image credit: Fibre from Shutterstock

Update: TalkTalk's got in contact with use to say that it does indeed care about all this:

“We take data protection very seriously and have launched an investigation. We have established that the data did not come from any of our servers or any of our contactors’ servers, and that our firewalls and security procedures are functioning properly."

“We are working to identify the IP address from which this data was disseminated, and are in contact with the appropriate authorities.”