TalkTalk has conceded it could face a compensation bill running into millions of pounds for customers whose bank accounts may have been made vulnerable.

Former home office minister Hazel Blears said the breach was "a wake-up call" that should prompt debate about further regulation, adding that "this is probably the biggest threat to [the UK] economy".

The most worrying thing about the incident is that TalkTalk has been accused of ignoring warnings that it was vulnerable to such attacks. The company says it's preparing to investigate thousands of cases. That's a bit like closing the stable door after the horse has bolted. But at least the attack may well finally prompt a much-needed rethink on security breaches.

That's something that can't happen fast enough. Hack attacks on well-known companies hit the headlines on a regular basis now and, no doubt, countless more go unreported. Yet, amazingly, many organisations still don't take the threat seriously.

Remember, we are talking about hackers being able to reach into the heart of a company and do anything they want, from stealing data for gain to releasing data to the public, from encrypting data and demanding a ransom to using a company's devices to attack a third party, to simply destroying everything for "fun" or profit.

In Hong Kong, companies are often even less diligent than in the UK. They need to wake up to the very real danger. TalkTalk is only one in a long line of companies globally to be hacked: Sony, Home Depot, JP Morgan, Target and eBay - the list goes on.

The resulting theft of collective data is incredibly worrying. Advice to "change your password" is all very well, but what about your bank account number, your home address, mobile phone number, ID card number and indeed your name? Cybercriminals are building larger and larger databases of indelible information about all of us.

The potential for damage is staggering. Yet most organisations are still asleep at the wheel.