TalkTalk’s security review of suppliers leads to three arrests

3 February 2016

Three workers at a call centre in India used by TalkTalk have been arrested after a security review.

TalkTalk, which was the victim of a cyber attack last October, said it had been conducting a forensic review including its suppliers to ensure that security was robust.

The company said that after working with call centre provider Wipro and the local police in Kolkata, India as part of the review, three people had been arrested.

The company said: “Acting on information supplied by TalkTalk, the local police have arrested three individuals who have breached our policies and the terms of our contract with Wipro.”

TalkTalk added that it was reviewing its relationship with Wipro.

It said it would continue to devote significant resources to keep customers’ data safe and to identify and deal with security issue.

“Data theft and scams are a growing issue affecting all businesses and they are notoriously difficult to investigate and prosecute,” TalkTalk said in a statement. “We are pleased that our investigations have yielded results, and will continue to do everything we can to tackle these crimes.”

In a statement, Wipro said it was committed to maintaining the integrity and confidentiality of all customer data and had a zero tolerance policy on security breaches.

“We would like to reassure our customers that the company continuously evaluates and strengthens its internal processes to protect itself and its customers from any data breach,” the statement said.

“Working with our customer, Wipro reported potential illegal activity to the relevant law enforcement authority in India, as soon as it came to the company's attention. Wipro is working closely with the customer in the investigation and will continue to extend its full co-operation to the investigating authorities.”

The personal details of just under 157,000 TalkTalk customers were accessed in last October’s cyber attack.

TalkTalk said that it could not give further details about the arrests but said there was no evidence to suggest that they related to October’s attack.

A spokesperson said: “We will not work with any supplier anywhere whom we are not confident is capable of keeping customer data safe. We hold all our employees and outsource partners to the same high security standards.”

Central London and Cheltenham
Salaries: Central London: £38,656 - £43,186/Cheltenham: £35,736 - £40,011
Central London and Cheltenham
Salaries: Central London: £48,305 - £56,163/Cheltenham: £45,341 - £53,023
CIPS Knowledge
Find out more with CIPS Knowledge:
  • best practice insights
  • guidance
  • tools and templates