Last year’s traumatic hack of TalkTalk’s website, which exposed the personal details of 156,959 customers’ (including 15,656 bank account numbers and sort codes), is continuing to have repercussions after Staffordshire Police confirmed that a sixth person had been arrested.
The attack itself was the result of a combined Distributed Denial of Service (DDoS) assault and later an SQL Injection exploit against the ISP’s website (here). So far we’ve seen various UK children and adults being arrested in connection with the hack, including three support agents in India who were working for TalkTalk through their outsourcing sub-contractor Wipro (here).
The latest to be arrested (last week) under the Computer Misuse Act is a 19-year old man from Staffordshire, who apparently handed himself into a local police station and this then triggered a search warrant for a property that is most likely to be his home address. The individual was later bailed until a date in late May 2016, which is the same as other UK linked arrests.
Meanwhile TalkTalk has already suffered a Q4 2015 (calendar) decline in their on-net subscriber base, which fell by -101,000 because of the incident and a related rise in scam calls to affected customers.
Mind you the ISPs customers are by now no strangers to the risk of scam callers and indeed many have been subjected to exactly that sort of con before thanks to two prior breaches, including one in 2014 that the provider was infamously slow to confirm. On top of that the ISP has suffered a sizeable financial hit.
TalkTalk’s Cyber-Attack Impact (Q4 2015 Financial Report)
As a result of a c£15m trading impact arising from Q3 [2015] disruption (higher churn and foregone revenues, offset by SAC savings on lower connections) and a c£20m impact from the lower customer base with which we entered Q4 and reprioritisation of certain Making TalkTalk Simpler activities, we now expect FY16 EBITDA of £255m – £265m.
The exceptional costs of restoring our online capability with enhanced security features, associated IT, incident response and consultancy costs, and free upgrades, are expected to total £40m-£45m.
Since then TalkTalk has fixed up their website and put a lot of effort into customer retention, including various special offers for both new and existing subscribers. The word is that they might now be slowly turning a corner and returning to more positive territory, which may only become clear on 12th May 2016 when their latest results are released.
Meanwhile the ISP’s CEO, Dido Harding, has managed to hold on to the top job despite a series of major mishaps. The UK’s Internet access market would certainly be a lot less interesting without her often outspoken approach, although the provider’s remaining subscribers may have a different opinion.
Comments are closed