Credit: TalkTalk

Why TalkTalk's relatively minor cyber attack cost it £42m

The telco is back on its feet but is still counting the cost of last year's data breach.

by Jack Torrance
Last Updated: 20 May 2016

The cyber attackers that allegedly hacked TalkTalk last year didn’t steal anything particularly valuable. Less than 4% of its customers had their sensitive details accessed, but the reputational and cleanup costs for the telecoms company have been massive.

Today in its final results TalkTalk said the total cost of the attack was £42m, which resulted in a halving of its pre-tax profits to just £14m. And that's before you include the cost of lost revenues. How can an attack that steals almost nothing cost a company so dearly?

Well, for a start it had to ramp up spending on dealing with customers. It’s not hard to imagine the phones in TalkTalk’s call centres were ringing non-stop as panicky people, worried their life savings were about to fall into the wrong hands, called up to demand more information. It had to hire additional ‘call centre agents’ as a result. The figure also reflects increased marketing and communications costs – TalkTalk’s PR consultants likely had a busy end to their year.

Then there was the cost of actually sorting out its website’s security. Having been caught with its pants down you can be sure TalkTalk doesn’t want something like this to happen again. Consequently TalkTalk says part of the £42m was spent on ‘the costs of restoring our online capability with enhanced security features.’

The company also had to open its wallet to retain customers. In November, to 'thank customers for their continued understanding', it offered existing subscribers free upgrades, including TV packages, mobile SIM cards and free landline calls, and a package of new security features. That can’t have been cheap but it was probably worth it. Although the company lost around 100,000 subscribers in the three months to December, its so-called ‘churn rate’, a measure of how many customers are leaving, hit a record low in the first three months of this year. 

TalkTalk says that ‘illustrates the speed with which customer sentiment towards TalkTalk has recovered,’ but it could be that many of those customers who were already drifting towards the exit door were given an immediate reason to switch provider in October – meaning there were fewer people looking to leave in the following quarter.

Still, it seems like TalkTalk had a lucky escape, all things considered. Shareholders may miss the £42m but the company’s revenues were actually up 2.4% over the full year to £1.84bn and it says it is expecting a 'robust' performance this year. Nonetheless this serves as a cautionary tale. If a greater proportion of customers’ financial details had been nicked then the situation could be looking much worse.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

What they don't tell you about flexible working

The realities of ditching the nine to five don't always live up to the hype....

The business case for compassion: Nando's, Cisco and Innocent Drinks

Consciously, systematically humane cultures reap enormous benefits, argues academic Amy Bradley.

“I have great respect for the capital markets, but I don’t want their ...

Exclusive: PA Consulting CEO Alan Middleton on acquisition bids, growth strategy and life after private...

Dame Inga Beale: “I was told I didn’t deserve to be alive”

The former CEO of Lloyd's of London reveals the leadership lessons that shaped her career...

Read like a CEO: James Reed

The recruitment boss discusses the books that give him business ideas and management inspiration.

What British business can learn from the French

Forget the cliches - our old rival is hotbed of management innovation and is leading...