Must be nice when your husbands an M.P. it must make these things a lot easier.
She said the company had wanted to inform customers of the breach sooner, but had been advised by police not to do so. "One of the most difficult periods was the first 36 hours of the attack," she said. The company had received a ransom demand and had informed the police. "The next day it was very clear there was a real risk material number of customers data stolen."
Let me dissect this, someone is ransoming you directly probably in a way they think they won't get caught. Why would you want to hide this? Would they then not accept the ransom and just release the data, unlikely.
It seems to me that by not releasing the fact they had been hacked put people in danger of their information being used for nefarious purposes which is just not on. Surely someone on the select committee should have raised this issue?