TalkTalk Plummets on Security Woes

Fallout from the security breach to have hit the UK's fourth-biggest broadband operator is worsening.

Iain Morris, International Editor

October 26, 2015

3 Min Read
Light Reading logo in a gray background | Light Reading

Shares in embattled UK broadband operator TalkTalk fell sharply again Monday morning despite the company's efforts to quell concern about the cyber attack it suffered late last week. (See Eurobites: TalkTalk Rocked by Cyber Attack.)

A number of TalkTalk customers complained their bank accounts had been accessed and funds withdrawn after the operator revealed it had been hit by a massive DDoS attack on October 22.

Hackers appear to have stolen customer data that included details of bank accounts, email addresses and dates of birth, with reports suggesting the UK's fourth-biggest broadband operator had neglected to encrypt this information.

In a statement issued Saturday morning, TalkTalk, which has more than 4.2 million fixed line customers across the UK, tried to downplay fears, insisting the attack had targeted its website rather than its "core systems" and that hackers would not have been able to access credit card details.

"We now expect the amount of financial information that may have been accessed to be materially lower than initially believed and would on its own not enable a criminal to take money from your account," said the company.

Nevertheless, the operator's share price had tumbled by around 9% on the London Stock Exchange at 11.00 a.m. as investors assessed the ramifications of the attack.

The operator's share price had dropped sharply on Friday morning following initial reports of the cyber attack, but it managed to stage a partial recovery later in the day.

The emerging view seems to be that TalkTalk did not take security issues seriously enough or that its low-cost operating model led to under-investment in vital areas.

Confidence in CEO Dido Harding will also have fallen after she was reported to have said she did not know whether or not TalkTalk had encrypted its customers' bank details.

Learn more about how to keep networks and customer data secure at our upcoming Carrier Network Security Strategies event in New York on December 2, featuring keynote speakers from AT&T, Facebook and more.

One question is whether TalkTalk's troubles trigger more widespread concern about industry shortcomings in the security space.

Shares in rival Sky were also down 1.4% on Monday morning, although UK incumbent BT Group plc (NYSE: BT; London: BTA) had seen no significant change in its share price.

Patrick Donegan, chief analyst with Heavy Reading , says the telecom industry is generally perceived to be doing a better job on security than other sectors, while noting there are evidently stragglers.

"Surveys from Cisco and others have consistently shown that telcos and ISPs tend to have better security protections in place than other vertical industry sectors," he says. "If an example were needed that this doesn't apply universally within the telco sector and that there are no grounds for complacency, this is certainly it."

"The fact that the CEO doesn't even seem to know whether or not the customer bank records were encrypted is pretty poor," adds Donegan.

One problem for TalkTalk is that its low-cost model is inviting suggestions the operator may have been prepared to cut corners to protect margins.

TalkTalk has undoubtedly come under renewed pressure from BT in the era of high-speed fiber broadband services, complaining the incumbent's position as infrastructure owner and retail rival allows it to squeeze TalkTalk and other broadband players on pricing.

Harding is one of a number of telecom industry executives calling for tougher regulation of BT. But in trumpeting her competition concerns so loudly, and attracting closer scrutiny of TalkTalk's operating model, she may have inadvertently made the present nightmare even worse.

— Iain Morris, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, News Editor, Light Reading

Read more about:

Europe

About the Author

Iain Morris

International Editor, Light Reading

Iain Morris joined Light Reading as News Editor at the start of 2015 -- and we mean, right at the start. His friends and family were still singing Auld Lang Syne as Iain started sourcing New Year's Eve UK mobile network congestion statistics. Prior to boosting Light Reading's UK-based editorial team numbers (he is based in London, south of the river), Iain was a successful freelance writer and editor who had been covering the telecoms sector for the past 15 years. His work has appeared in publications including The Economist (classy!) and The Observer, besides a variety of trade and business journals. He was previously the lead telecoms analyst for the Economist Intelligence Unit, and before that worked as a features editor at Telecommunications magazine. Iain started out in telecoms as an editor at consulting and market-research company Analysys (now Analysys Mason).

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like