The TalkTalk breach
TalkTalk suffered a data breach in October 2015 resulting in the theft of personal data, Hawthorne says. Full details of the loss are available in other articles, so theres no need to go into the technical details here. There was a huge amount of publicity in the UK, during the first few days the situation and amount of data lost were not clear. In the end, 156,959 sets of personal details were stolen and 15,656 of these included bank account details. The company contacts each of its customers trying to reassure them and provided a free credit monitoring subscription for a year in case other data had also been lost and was misused.
The initial breach impact
In the following financial results, the company admitted to lost customers, direct costs to the business of £60,000,000 and a revenue drop of £80,000,000, Hawthorne writes. A subsequent review of the total market showed that they had lost 4.4% market share. On year later, in October 2016, TalkTalk was fined £400,000 by the Information Commissioners Office (ICO) for the incident. The fine is the highest ever imposed by the ICO, with TalkTalks lack of cybersecurity cited for the amount. The Information Commissioner, Elizabeth Denham, said that TalkTalks failure to implement the most basic cybersecurity measures allowed hackers to penetrate systems with ease. While in the eyes of some the fine may seem high, its only £2.50 per impacted customer. This breach can be examined further and there are key lessons all businesses should learn.
1.<TAB>The total cost of a data breach isnt always obvious
While the £400,000 fine is substantial, its really just the tip of the iceberg in regards to how much the data breach actually cost, Hawthorne explains. There were so many other financial repercussions which, to some other firms, may have been fatal. There was the 11 percent drop in share price, as well as the loss of 101,000 existing customers and potential future ones. All in all, when remediation costs are included too, TalkTalk calculated that the breach cost it more than £80 million in revenue. Thats hardly pocket change.