This is the third hack for TalkTalk this year, if I remember correctly.
TalkTalk are notorious for cutting costs wherever they can - and it shows with the quality of service and how good the customer service is when it inevitably goes wrong. In this case it seems to extend to their information security budget
They've done well because the British public seem to be obsessed with going for the cheapest, not the best - so they can sell broadband at £2.50 a month or whatever (not an exaggeration, it's a real price, but you must buy a phone line from them at £17 a month) and people go for it - and just put up with it if it turns out to be crap.
Unfortunately the UK government can't levy truly massive fines at them - I've heard it can only be £500k maximum.
»
paul.reviews/value-secur ··· alktalk/ shows some interesting issues well over a year ago, showing that they weren't getting the basics right even then