Specialist Lawyer Says It Is A Stark Reminder Of Financial And Reputational Risks Of Not Taking Cyber Security Seriously
TalkTalk, the national broadband provider, has revealed the extent of its financial loss following the high profile cyber-attack that it suffered in October 2015.
The security breach, which resulted in the personal data of nearly 160,000 people being accessed and involved 21,000 bank account numbers and sort codes being accessed, led to TalkTalk losing over 100,000 subscribers in its third quarter as result.
TalkTalk says total revenues grew 2.4% to £1.83bn in the 12 months to 31 March 2016 but that profits fell to £14m compared with £32m in the previous year.
That fall is partly due to the costs of last year's serious cyber-attack, which cost the company £42m.
Dino Harding, TalkTalk’s chief executive, said: "I am actually very encouraged by the way the business has bounced back so strongly in the last quarter. The customer base has really stabilised and this is testimony to the fact that our customers really appreciated our open and honest approach and how we tried to look after them through the cyber-attack."
Expert Opinion
This is a stark wake-up call for businesses in relation to cyber-attacks. Crime of this nature is overtaking physical crime and businesses must not bury their heads in the sand and hope that the issue simply goes away or that it will not happen to them. As we have seen here, the reputational and financial impact can be very significant.
It is impossible to prevent a determined cyber-attack but a business can take steps to mitigate risks which includes taking appropriate technical and organisation measures to prevent unauthorised access or accidental loss of personal data.
What is appropriate for one business might not be suitable for another but where an organisation handles significant volumes of personal data then it surely has a higher burden to have technical measures such as firewalls, malware protection, encryption, passwords and constant monitoring so as to safeguard the personal data it holds.
Georgie Collins - Partner
Irwin Mitchell can provide support for businesses which are concerned about the dangers posed by cyber-attacks.
Irwin Mitchell can help in the first instance by minimising the threat of attack by ensuring the right risk management systems and procedures are in place that help mitigate against an attack/data breach. This includes a holistic assessment of network and data security; advice on strategies to comply with relevant industry regulations; assessing the supply chain and third parties who interact with your systems and managing people risk’s.
It’s important to plan for the unthinkable and what you do, we can help you prepare and take action to deal with an attack or breach if it does occur so as to contain it and limit the financial and reputational damage that can result.