ICO - No power tp intervene at all.
The information Comissioner's Office advised me when I complained about a bank failing to send copies of my statements that I should ask for my bank charges refund via the Financial Ombudsmen Service (anothe QUANGO) who have actually suspended dealing with complaints until the test case is resolved.
If I hadn't been a retired impoverished lawyer I would have been stuck waiting forever to get my money back. As it is I issued a summons, got five grand and am still waiting for the statements. The ICO actually has no powers at all - they should be making sure that the victims are protected and prosecuting the pea brains responsible.
Every customer affected should issue a claim, there is no costs risk up to five grand, if there are even only a couple of thousand summonses issued they are finished.
It may not be their fault that they got hacked but their failure to consider the implications of their approach demonstrates a failure to apply basic logic to very simple problems. So my guess is that it's a straightforward case of negligence, of such crass stupidity that they have probably lost the lot: bank details, addresses, dates of birth, customer databases, phone numbers, emails, purchase history, card numbers, cvv numbers - everything. And who knows how long it has been missing. Fasthosts won't that's for sure: don't know their arses from their elbows lets face it.
As customers, many of whom may have effectively been shut down by these lamers, we should retaliate. My password still doesn't work even after they sent the postal one.
As a community of webmasters, internet businesses and hobby site owners we should make a stand and take them out. The press releases are enough to get summary judgement in my view.