Tens of thousands of television viewers who have entered their details on the TV Licensing website in the past few weeks are being urged to check their bank statements for suspicious transactions following a data breach.
Transactions carried out on the website were not as secure as they should have been between the 29 August 2018 to 5 September 2018.
In a statement to the public, TV Licensing announced it’s been “alerted to an issue” regarding its website security. Despite this, there’s no evidence suggesting the website has been subject to an attack or that their security has been compromised.
The company believes the issue did not affect credit and debit card details, but names, emails and phone numbers instead. Nevertheless, customers who entered bank details including their sort code and account number between the above dates should be extra vigilant.
Ilia Kolochenko, CEO, High-Tech Bridge, comments: “This particular breach is a good example of a timely disclosure, but poor internal security likely caused by fear of sanctions under GDPR and focus on paper compliance.
“Many companies seriously underestimate, not to say ignore, the importance of web application security. Worse, many C-level executives have been so frustrated by GDPR and exaggerated claims about financial penalties it may impose that they prioritised paper-based compliance instead of practical implementation of cybersecurity. In some companies, the burden of GDPR was not even alleviated by a proportional cybersecurity budget increase, forcing security professionals to juggle with scanty resources and understaffed teams.”
Kolochenko also notes that customers who frequently make online payments should use a dedicated credit card with a fixed limit and instant notification about any transactions. Unique and strong passwords enhanced by 2FA is also a must-have.
Written by Leah Alger