We don't yet know the details but, even without this latest hack, it's clear data breaches are likely to become more common. This creates dilemmas both regulators and firms.
Regulators need to decide what standards firms need to meet - are we aiming for Fort Knox-type security - and consequently how much they expect firms to spend on protecting their customers' data, with all its implications for competition etc.
Meanwhile, firms' overall strategy and communication around technology and data will become increasingly key, and a major factor in their reputation with both regulators and consumers .
The information stolen includes names, addresses, phone numbers, bank account numbers and sort codes.Prof Alan Woodward, a cybersecurity expert at the University of Surrey, said it was "looking like one of the biggest" data breaches in the UK involving financial information.