Credit: TalkTalk

Why TalkTalk's relatively minor cyber attack cost it £42m

The telco is back on its feet but is still counting the cost of last year's data breach.

by Jack Torrance
Last Updated: 20 May 2016

The cyber attackers that allegedly hacked TalkTalk last year didn’t steal anything particularly valuable. Less than 4% of its customers had their sensitive details accessed, but the reputational and cleanup costs for the telecoms company have been massive.

Today in its final results TalkTalk said the total cost of the attack was £42m, which resulted in a halving of its pre-tax profits to just £14m. And that's before you include the cost of lost revenues. How can an attack that steals almost nothing cost a company so dearly?

Well, for a start it had to ramp up spending on dealing with customers. It’s not hard to imagine the phones in TalkTalk’s call centres were ringing non-stop as panicky people, worried their life savings were about to fall into the wrong hands, called up to demand more information. It had to hire additional ‘call centre agents’ as a result. The figure also reflects increased marketing and communications costs – TalkTalk’s PR consultants likely had a busy end to their year.

Then there was the cost of actually sorting out its website’s security. Having been caught with its pants down you can be sure TalkTalk doesn’t want something like this to happen again. Consequently TalkTalk says part of the £42m was spent on ‘the costs of restoring our online capability with enhanced security features.’

The company also had to open its wallet to retain customers. In November, to 'thank customers for their continued understanding', it offered existing subscribers free upgrades, including TV packages, mobile SIM cards and free landline calls, and a package of new security features. That can’t have been cheap but it was probably worth it. Although the company lost around 100,000 subscribers in the three months to December, its so-called ‘churn rate’, a measure of how many customers are leaving, hit a record low in the first three months of this year. 

TalkTalk says that ‘illustrates the speed with which customer sentiment towards TalkTalk has recovered,’ but it could be that many of those customers who were already drifting towards the exit door were given an immediate reason to switch provider in October – meaning there were fewer people looking to leave in the following quarter.

Still, it seems like TalkTalk had a lucky escape, all things considered. Shareholders may miss the £42m but the company’s revenues were actually up 2.4% over the full year to £1.84bn and it says it is expecting a 'robust' performance this year. Nonetheless this serves as a cautionary tale. If a greater proportion of customers’ financial details had been nicked then the situation could be looking much worse.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Reopening: Your duty is not to the economy, it’s to your staff

Managers are on shaky ground if they think they can decide for people what constitutes...

How COVID changes the world forever: A thought experiment

Silicon Valley ‘oracle’ Tim O’Reilly imagines how different sectors could emerge from the pandemic.

The CEO's guide to switching off

Too much hard work is counterproductive. Here four leaders share how they ease the pressure....

What Lego robots can teach us about motivating teams

People crave meaningful work, yet managers can so easily make it all seem futile.

What went wrong at Debenhams?

There are lessons in the high street store's sorry story.

How to find the right mentor or executive coach

One minute briefing: McDonald’s UK CEO Paul Pomroy.