SlideShare a Scribd company logo

TalkTalk Data Breach Case Study

Download as PPTX, PDF
Charlie Pownall
Charlie Pownall

Case study setting out TalkTalk's response to and the impact of its October 2015 data breach

Business
1 of 33
Data Breach October 2015 1 Reputation risk management / Crisis management & communications / Cyber & data privacy communications
2 Background
3 • 2003: founded as subsidiary of Carphone Warehouse • 2006: ‘Free broadband forever’ campaign marred by long waiting lists, poor service delivery, Advertising Standards Association (ASA) complaints • 2010: Dido Harding appointed CEO, demerges, lists • 2010: company publicly criticised by ICO for intrusive telephone marketing; discovered to have been incorrectly billing 65,000+ customers by Ofcom • 2012: second to market with integrated TV/broadband/phone/mobile bundle • Regularly rated amongst the worst UK landline and broadband service providers • The company suffers two data breaches earlier in 2015, and its share price had fallen 30% in the six months prior to its third breach TalkTalk – 2003-2015 Source: Ofcom - 2013, Which - 2015
4 Source: MarketForce - 2016 TalkTalk – customer loyalty (composite, 2015)
5 TalkTalk – financials (FY 2014) Source: TalkTalk – 2014
6 TalkTalk – non-financials (FY 2014) Source: TalkTalk – 2014
7Sources: Brand Finance, June 2015 TalkTalk – brand value (2015)
8Source: Reputation Institute, 2016 TalkTalk – corporate reputation (2015)
9 Incident
10 • DDoS attack followed by SQL injection by unknown assailant(s) takes down company website • TalkTalk updates website homepage to acknowledge attack and within 24 hours notifies regulators and customers of data breach and appoint external cyber investigators • With 4 million customers’ data at risk, initial media reports focus on the sources and impact of the attack • Hackers then post TalkTalk customer data online and demand ransom, triggering rumours and media coverage about customer fraud, and raising questions about the company’s security practices and honesty • TalkTalk claims attack had not affected ‘core systems’; with customers trying to break their contracts, the company offers to waive its customer termination fee • ICO regulatory investigation results in record GBP 400k fine; wide-ranging parliamentary enquiry into cyber security praises TalkTalk’s ‘strong crisis management response’ but is critical of its failure to plan properly for a cyber attack of this scale • Teenager attackers later convicted and jailed TalkTalk data breach – overview Source: UK Culture, Media & Sport Select Committee, 2016
TalkTalk Data Breach Timeline – Oct/Nov 2015 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 TalkTalkMedia/socialmediaSharepriceExternalactors Cyber-attack Formally raised in Parliament, teenage hacker arrested & bailed Confirms 21k customers affected, 28k cards accessed, 1.2m customer details stolen Announces 12 months free credit monitoring with Noddle Police launch criminal investigation, ‘TalkTalk Hackers’ post data to Pastebin Second arrest Confirms 157k customers affected, 16k customers’ bank details & 28k ‘orphaned’ customer cards accessed Publicly confirms cyber-attack, notifies ICO Publishes update, states attack not on ‘core systems’ Detects DDoS attack, takes down customer website Publishes update, responds to Police arrest Publishes update, announces termination fee waiver House of Commons Culture, Media & Sport Committee launches inquiry Fourth arrestDDoS attack The Register reports website outage, customer complaints via email, social media Hackers send ransom to TT CEO Media/online speculation on attack origin Complaints about scams Customer letter distributed and published on TT website Customers complain of poor customer service, unusual account activity Coverage of fraudulent credit card activity Senior MP accuses TT of ‘cover-up’ & calls for inquiry Third arrest Suspect’s lawyers file privacy suits against Google, Twitter and three national newspapers Widespread negative reaction to TT confirmation of unencrypted data Customers complain of not being allowed to terminate contracts Confirms investigation by specialist cybersecurity firm 11
12 • Unclear nature of attack and motivation of attacker(s) • High visibility of attack due to its nature, scale and duration, the perceived quality of TalkTalk’s response, and recent data breaches at TalkTalk and other companies • The company’s historic reputation for poor quality product and customer service and, in the aftermath of the attack, its IT security • Ongoing rumours and scams involving TalkTalk contribute to fears about bank account info, rumours about customer fraud, and links to terrorism • A skeptical, combative media and blogosphere • Regulatory, parliamentary and criminal investigations into the attack • Thin leadership understanding of cybersecurity • Deepening pressure on TalkTalk’s CEO to resign Significant reputational challenges
13 • Attack nature and consequences • Source of attack • Impact on company operations • Impact on share price • Rumours of customer fraud • Safety of customer bank info • TalkTalk IT security practices • Data encryption • Tiscali integration TalkTalk data breach – talking points • Quality of TalkTalk response • Communications speed and accuracy of statements re number of customers impacted and types of data involved • Customer termination waiver fee • IT security fix • TalkTalk leadership & governance • CEO visibility, acknowledgement & apology • Board cybersecurity knowledge • Focus on top-line growth to the detriment of IT security, privacy, etc
14
https://www.youtube.com/watch?v=apV5Q_f7KH0 15
16
17
18
19
20 Impact
21Source: City AM, 2015 Immediate share price impact
22 Immediate reputational impact Source: Alva, 2015
23Source: Alva, 2015 Immediate relative reputational impact
24
25 • Share price: -29% • Pre-tax profit: -56% • Customers: -100,000 • Financial costs: £60m – IT security – Legal – Marketing – Customer service Six-month impact (May 2016) • Customer satisfaction: +23% • Customer complaints: -44% • Customer churn rate: -0.1% • Trust in brand: +8% Source: TalkTalk, May 2016
One-year impact (Oct 2016) Financial impact • Legal, IT, customer service, PR costs - £60m Financial performance • Customers -100k • YOY revenue +2.4% • YOY profits -56% • Share price -29% Reputational impact • Significant loss of customers due to poor IT security, contract terminations, customer support • High profile parliamentary inquiry into cybersecurity and privacy • Record ICO £400k fine; subsequent 100k fine for failure to prevent Wipro customer service scams • CEO resignation Reputational performance • Company reputation lagged peers by 2-3% • Customer satisfaction +23% • Trust in brand +8% 26
27 Source: Ofcom, Dec 2016
28 Lessons & Implications
• Speed and transparency of communications response • Dido Harding’s visibility, acknowledgement of responsibility, apology, and empathy during and after the crisis • The responsiveness of the company’s social media team What went well 29
• Sometimes muddled and seemingly evasive nature of statements regarding the source, timing, size and impact of the breach, and about the types of data involved, encryption, and contract terminations • Victimhood claim when the breach was not an isolated incident and when TalkTalk seen as unprepared and selective with the facts • Decision to respond initially through the mainstream media, leading customers to complain of lack of direct communication by TalkTalk • Need for greater leadership and management knowledge of cyber attacks, customer security, technology jargon What could have worked better 30
31 • Strengthen cybersecurity; better understand the link between cybersecurity, corporate reputation and risk management, and ensure all are board-level responsibilities • Prepare a strong cyber/data breach incident response plan, including a multi- scenario communications plan, and regularly train incident response and crisis teams in different scenarios • Ensure communication about customer compensation is clear and timely, and is understood by customer service • Provide ongoing cybersecurity awareness education for leadership, employees and customers • Build constructive relationships with relevant cybersecurity-related stakeholders and opinion-formers in advance of an incident/crisis Implications for TalkTalk
32 https://www.youtube.com/watch?v=PlP-5buSfHo
33 FURTHER INFO +44 20 3856 3599 cp@charliepownall.com linkedin.com/in/charliepownall charliepownall.com

Recommended

Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case studyAbhilash vijayan
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentationSreejith Nair
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
Walmart
WalmartWalmart
Walmartsajidsharif2022
 
Two factor authentication 2018
Two factor authentication 2018Two factor authentication 2018
Two factor authentication 2018Will Adams
 
Carolinas healthcare system
Carolinas healthcare system Carolinas healthcare system
Carolinas healthcare system Sanmeet Dhokay
 
Culinarian Cookware case study analysis
Culinarian Cookware case study analysisCulinarian Cookware case study analysis
Culinarian Cookware case study analysisSaurabh Mhase
 

Recommended

Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case studyAbhilash vijayan
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentationSreejith Nair
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
Walmart
WalmartWalmart
Walmartsajidsharif2022
 
Two factor authentication 2018
Two factor authentication 2018Two factor authentication 2018
Two factor authentication 2018Will Adams
 
Carolinas healthcare system
Carolinas healthcare system Carolinas healthcare system
Carolinas healthcare system Sanmeet Dhokay
 
Culinarian Cookware case study analysis
Culinarian Cookware case study analysisCulinarian Cookware case study analysis
Culinarian Cookware case study analysisSaurabh Mhase
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 
Identity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and RecoveryIdentity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and RecoveryHanno Ekdahl
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
Group 04 Maersk Line Case Submission
Group 04 Maersk Line Case SubmissionGroup 04 Maersk Line Case Submission
Group 04 Maersk Line Case SubmissionAshwin Malshe
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach AnalysisTal Be'ery
 
Cybersecurity in Banking Sector
Cybersecurity in Banking SectorCybersecurity in Banking Sector
Cybersecurity in Banking SectorQuick Heal Technologies Ltd.
 
ICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdfICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdfSupriyaMurdia1
 
ysantosCsddmbhday4,5
ysantosCsddmbhday4,5ysantosCsddmbhday4,5
ysantosCsddmbhday4,5Anne Starr
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Email Security and Awareness
Email Security and AwarenessEmail Security and Awareness
Email Security and AwarenessSanjiv Arora
 
Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|Anahit Babayan
 
Mind tree:A community of communities
Mind tree:A community of communitiesMind tree:A community of communities
Mind tree:A community of communitiesEr Pradeep Pravin Kumar
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptxThavaselviMunusamy1
 
Case study: Road to Hell
Case study: Road to HellCase study: Road to Hell
Case study: Road to HellAdishri Gulati
 
Littlefield Simulation
Littlefield Simulation Littlefield Simulation
Littlefield Simulation Kamal Gelya
 
Mindtree: A community of communities
Mindtree: A community of communitiesMindtree: A community of communities
Mindtree: A community of communitiesRiya Aseef
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
BMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USABMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USAAbhishek Kapoor
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and MitigationsApril Mardock CISSP
 
Security and governance
Security and governanceSecurity and governance
Security and governanceDataWorks Summit
 
Retail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewRetail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewOCTF Industry Engagement
 

More Related Content

What's hot

Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 
Identity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and RecoveryIdentity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and RecoveryHanno Ekdahl
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
Group 04 Maersk Line Case Submission
Group 04 Maersk Line Case SubmissionGroup 04 Maersk Line Case Submission
Group 04 Maersk Line Case SubmissionAshwin Malshe
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach AnalysisTal Be'ery
 
ICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdfICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdfSupriyaMurdia1
 
ysantosCsddmbhday4,5
ysantosCsddmbhday4,5ysantosCsddmbhday4,5
ysantosCsddmbhday4,5Anne Starr
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Email Security and Awareness
Email Security and AwarenessEmail Security and Awareness
Email Security and AwarenessSanjiv Arora
 
Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|Anahit Babayan
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Case study: Road to Hell
Case study: Road to HellCase study: Road to Hell
Case study: Road to HellAdishri Gulati
 
Littlefield Simulation
Littlefield Simulation Littlefield Simulation
Littlefield Simulation Kamal Gelya
 
Mindtree: A community of communities
Mindtree: A community of communitiesMindtree: A community of communities
Mindtree: A community of communitiesRiya Aseef
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
BMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USABMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USAAbhishek Kapoor
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and MitigationsApril Mardock CISSP
 

What's hot (20)

Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
 
Identity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and RecoveryIdentity & Access Management
 Project Challenges and Recovery
Identity & Access Management
 Project Challenges and Recovery
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365
 
Group 04 Maersk Line Case Submission
Group 04 Maersk Line Case SubmissionGroup 04 Maersk Line Case Submission
Group 04 Maersk Line Case Submission
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach Analysis
 
Cybersecurity in Banking Sector
Cybersecurity in Banking SectorCybersecurity in Banking Sector
Cybersecurity in Banking Sector
 
ICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdfICON Casebook 2022-23_Volume 12 (a).pdf
ICON Casebook 2022-23_Volume 12 (a).pdf
 
ysantosCsddmbhday4,5
ysantosCsddmbhday4,5ysantosCsddmbhday4,5
ysantosCsddmbhday4,5
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
 
Email Security and Awareness
Email Security and AwarenessEmail Security and Awareness
Email Security and Awareness
 
Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|Case Analysis |Altius Golf and the Fighter Brand|
Case Analysis |Altius Golf and the Fighter Brand|
 
Mind tree:A community of communities
Mind tree:A community of communitiesMind tree:A community of communities
Mind tree:A community of communities
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
 
Case study: Road to Hell
Case study: Road to HellCase study: Road to Hell
Case study: Road to Hell
 
Littlefield Simulation
Littlefield Simulation Littlefield Simulation
Littlefield Simulation
 
Mindtree: A community of communities
Mindtree: A community of communitiesMindtree: A community of communities
Mindtree: A community of communities
 
information security management
information security managementinformation security management
information security management
 
BMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USABMW Z3 Roadster Launch in USA
BMW Z3 Roadster Launch in USA
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
 

Similar to TalkTalk Data Breach Case Study

Retail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewRetail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewOCTF Industry Engagement
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...Prasanna Hegde
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRCharlie Pownall
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCAlan Percy
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCTelcoBridges Inc.
 
TPS Assured - Thursday 31 October 2013
TPS Assured - Thursday 31 October 2013TPS Assured - Thursday 31 October 2013
TPS Assured - Thursday 31 October 2013Rachel Aldighieri
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Alan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?TelcoBridges Inc.
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsResilient Systems
 
IWMW 2000: Trusted e-Commerce: What Does it Mean?
IWMW 2000: Trusted e-Commerce: What Does it Mean?IWMW 2000: Trusted e-Commerce: What Does it Mean?
IWMW 2000: Trusted e-Commerce: What Does it Mean?IWMW
 
The Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White ListThe Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White Listderektop
 
Webinar: Be Cyber Smart – Stories from the Trenches
Webinar: Be Cyber Smart – Stories from the TrenchesWebinar: Be Cyber Smart – Stories from the Trenches
Webinar: Be Cyber Smart – Stories from the TrenchesWithum
 
Cybersecurity During the COVID Era
Cybersecurity During the COVID EraCybersecurity During the COVID Era
Cybersecurity During the COVID EraCitrin Cooperman
 
Cyber Security and the Impact on your Business
Cyber Security and the Impact on your BusinessCyber Security and the Impact on your Business
Cyber Security and the Impact on your BusinessLucy Denver
 
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...James Fisher
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingJoe Nathans
 

Similar to TalkTalk Data Breach Case Study (20)

Security and governance
Security and governanceSecurity and governance
Security and governance
 
Retail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewRetail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 Overview
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
Cyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counselCyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counsel
 
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
SecureWeb3 - Developing a Comprehensive Cybersecurity Strategy for the Decent...
 
How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPR
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBC
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBC
 
TPS Assured - Thursday 31 October 2013
TPS Assured - Thursday 31 October 2013TPS Assured - Thursday 31 October 2013
TPS Assured - Thursday 31 October 2013
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 Predictions
 
IWMW 2000: Trusted e-Commerce: What Does it Mean?
IWMW 2000: Trusted e-Commerce: What Does it Mean?IWMW 2000: Trusted e-Commerce: What Does it Mean?
IWMW 2000: Trusted e-Commerce: What Does it Mean?
 
The Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White ListThe Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White List
 
Webinar: Be Cyber Smart – Stories from the Trenches
Webinar: Be Cyber Smart – Stories from the TrenchesWebinar: Be Cyber Smart – Stories from the Trenches
Webinar: Be Cyber Smart – Stories from the Trenches
 
Cybersecurity During the COVID Era
Cybersecurity During the COVID EraCybersecurity During the COVID Era
Cybersecurity During the COVID Era
 
CRI Retail Cyber Threats
CRI Retail Cyber ThreatsCRI Retail Cyber Threats
CRI Retail Cyber Threats
 
Cyber Security and the Impact on your Business
Cyber Security and the Impact on your BusinessCyber Security and the Impact on your Business
Cyber Security and the Impact on your Business
 
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive Briefing
 

More from Charlie Pownall

Maersk Notpetya Crisis Response Case Study
Maersk Notpetya Crisis Response Case StudyMaersk Notpetya Crisis Response Case Study
Maersk Notpetya Crisis Response Case StudyCharlie Pownall
 
Risky Business: The Whys and Hows of Effective Reputational Risk Management
Risky Business: The Whys and Hows of Effective Reputational Risk ManagementRisky Business: The Whys and Hows of Effective Reputational Risk Management
Risky Business: The Whys and Hows of Effective Reputational Risk ManagementCharlie Pownall
 
GDPR: Data Breach Notification and Communications
GDPR: Data Breach Notification and CommunicationsGDPR: Data Breach Notification and Communications
GDPR: Data Breach Notification and CommunicationsCharlie Pownall
 
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital Age
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital AgePlans Are Useless - Preparing for & Responding to a Crisis in the Digital Age
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital AgeCharlie Pownall
 
Boxing Clever: How to Safeguard your Company's Reputation Online
Boxing Clever: How to Safeguard your Company's Reputation OnlineBoxing Clever: How to Safeguard your Company's Reputation Online
Boxing Clever: How to Safeguard your Company's Reputation OnlineCharlie Pownall
 
Building Trust and a Healthy Reputation from the Get-go
Building Trust and a Healthy Reputation from the Get-goBuilding Trust and a Healthy Reputation from the Get-go
Building Trust and a Healthy Reputation from the Get-goCharlie Pownall
 
An Introduction to The New Crisis Communications
An Introduction to The New Crisis CommunicationsAn Introduction to The New Crisis Communications
An Introduction to The New Crisis CommunicationsCharlie Pownall
 
Managing Online Reputation. How to Protect Your Company on Social Media
Managing Online Reputation. How to Protect Your Company on Social MediaManaging Online Reputation. How to Protect Your Company on Social Media
Managing Online Reputation. How to Protect Your Company on Social MediaCharlie Pownall
 
No Time to Think. How to Respond to Negative Situations Using Social Media
No Time to Think. How to Respond to Negative Situations Using Social MediaNo Time to Think. How to Respond to Negative Situations Using Social Media
No Time to Think. How to Respond to Negative Situations Using Social MediaCharlie Pownall
 
Issues Management In The Digital Age
Issues Management In The Digital AgeIssues Management In The Digital Age
Issues Management In The Digital AgeCharlie Pownall
 
Social Media for Crisis Communications
Social Media for Crisis CommunicationsSocial Media for Crisis Communications
Social Media for Crisis CommunicationsCharlie Pownall
 
Online Community Engagement For Government
Online Community Engagement For GovernmentOnline Community Engagement For Government
Online Community Engagement For GovernmentCharlie Pownall
 
How To Develop Social Media Strategy
How To Develop Social Media StrategyHow To Develop Social Media Strategy
How To Develop Social Media StrategyCharlie Pownall
 
Safeguarding Corporate Reputation In Social Media
Safeguarding Corporate Reputation In Social MediaSafeguarding Corporate Reputation In Social Media
Safeguarding Corporate Reputation In Social MediaCharlie Pownall
 
Top Social Media #Fails in Asia - 2013
Top Social Media #Fails in Asia - 2013Top Social Media #Fails in Asia - 2013
Top Social Media #Fails in Asia - 2013Charlie Pownall
 
Social Media for Thought Leadership
Social Media for Thought LeadershipSocial Media for Thought Leadership
Social Media for Thought LeadershipCharlie Pownall
 
How to Minimise Social Media Marketing Risks
How to Minimise Social Media Marketing RisksHow to Minimise Social Media Marketing Risks
How to Minimise Social Media Marketing RisksCharlie Pownall
 
Digital Influence: Communications Nirvana?
Digital Influence: Communications Nirvana?Digital Influence: Communications Nirvana?
Digital Influence: Communications Nirvana?Charlie Pownall
 
Social Engagement. 15 Tips From The Trenches
Social Engagement. 15 Tips From The TrenchesSocial Engagement. 15 Tips From The Trenches
Social Engagement. 15 Tips From The TrenchesCharlie Pownall
 

More from Charlie Pownall (20)

Transparent AI
Transparent AITransparent AI
Transparent AI
 
Maersk Notpetya Crisis Response Case Study
Maersk Notpetya Crisis Response Case StudyMaersk Notpetya Crisis Response Case Study
Maersk Notpetya Crisis Response Case Study
 
Risky Business: The Whys and Hows of Effective Reputational Risk Management
Risky Business: The Whys and Hows of Effective Reputational Risk ManagementRisky Business: The Whys and Hows of Effective Reputational Risk Management
Risky Business: The Whys and Hows of Effective Reputational Risk Management
 
GDPR: Data Breach Notification and Communications
GDPR: Data Breach Notification and CommunicationsGDPR: Data Breach Notification and Communications
GDPR: Data Breach Notification and Communications
 
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital Age
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital AgePlans Are Useless - Preparing for & Responding to a Crisis in the Digital Age
Plans Are Useless - Preparing for & Responding to a Crisis in the Digital Age
 
Boxing Clever: How to Safeguard your Company's Reputation Online
Boxing Clever: How to Safeguard your Company's Reputation OnlineBoxing Clever: How to Safeguard your Company's Reputation Online
Boxing Clever: How to Safeguard your Company's Reputation Online
 
Building Trust and a Healthy Reputation from the Get-go
Building Trust and a Healthy Reputation from the Get-goBuilding Trust and a Healthy Reputation from the Get-go
Building Trust and a Healthy Reputation from the Get-go
 
An Introduction to The New Crisis Communications
An Introduction to The New Crisis CommunicationsAn Introduction to The New Crisis Communications
An Introduction to The New Crisis Communications
 
Managing Online Reputation. How to Protect Your Company on Social Media
Managing Online Reputation. How to Protect Your Company on Social MediaManaging Online Reputation. How to Protect Your Company on Social Media
Managing Online Reputation. How to Protect Your Company on Social Media
 
No Time to Think. How to Respond to Negative Situations Using Social Media
No Time to Think. How to Respond to Negative Situations Using Social MediaNo Time to Think. How to Respond to Negative Situations Using Social Media
No Time to Think. How to Respond to Negative Situations Using Social Media
 
Issues Management In The Digital Age
Issues Management In The Digital AgeIssues Management In The Digital Age
Issues Management In The Digital Age
 
Social Media for Crisis Communications
Social Media for Crisis CommunicationsSocial Media for Crisis Communications
Social Media for Crisis Communications
 
Online Community Engagement For Government
Online Community Engagement For GovernmentOnline Community Engagement For Government
Online Community Engagement For Government
 
How To Develop Social Media Strategy
How To Develop Social Media StrategyHow To Develop Social Media Strategy
How To Develop Social Media Strategy
 
Safeguarding Corporate Reputation In Social Media
Safeguarding Corporate Reputation In Social MediaSafeguarding Corporate Reputation In Social Media
Safeguarding Corporate Reputation In Social Media
 
Top Social Media #Fails in Asia - 2013
Top Social Media #Fails in Asia - 2013Top Social Media #Fails in Asia - 2013
Top Social Media #Fails in Asia - 2013
 
Social Media for Thought Leadership
Social Media for Thought LeadershipSocial Media for Thought Leadership
Social Media for Thought Leadership
 
How to Minimise Social Media Marketing Risks
How to Minimise Social Media Marketing RisksHow to Minimise Social Media Marketing Risks
How to Minimise Social Media Marketing Risks
 
Digital Influence: Communications Nirvana?
Digital Influence: Communications Nirvana?Digital Influence: Communications Nirvana?
Digital Influence: Communications Nirvana?
 
Social Engagement. 15 Tips From The Trenches
Social Engagement. 15 Tips From The TrenchesSocial Engagement. 15 Tips From The Trenches
Social Engagement. 15 Tips From The Trenches
 

Recently uploaded

Psychic Reading | Spiritual Guidance – Astro Ganesh Ji
Psychic Reading | Spiritual Guidance – Astro Ganesh JiPsychic Reading | Spiritual Guidance – Astro Ganesh Ji
Psychic Reading | Spiritual Guidance – Astro Ganesh Jiastral oracle
 
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdf
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdftrending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdf
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdfMintel Group
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...Hector Del Castillo, CPM, CPMM
 
WSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfWSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfJamesConcepcion7
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environmentelijahj01012
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdfShaun Heinrichs
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxappkodes
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesDoe Paoro
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckHajeJanKamps
 
Interoperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseInteroperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseSiemens
 
business environment micro environment macro environment.pptx
business environment micro environment macro environment.pptxbusiness environment micro environment macro environment.pptx
business environment micro environment macro environment.pptxShruti Mittal
 
Excvation Safety for safety officers reference
Excvation Safety for safety officers referenceExcvation Safety for safety officers reference
Excvation Safety for safety officers referencessuser2c065e
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxRakhi Bazaar
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfASGITConsulting
 
NAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataNAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAScathy664059
 

Recently uploaded (20)

Psychic Reading | Spiritual Guidance – Astro Ganesh Ji
Psychic Reading | Spiritual Guidance – Astro Ganesh JiPsychic Reading | Spiritual Guidance – Astro Ganesh Ji
Psychic Reading | Spiritual Guidance – Astro Ganesh Ji
 
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdf
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdftrending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdf
trending-flavors-and-ingredients-in-salty-snacks-us-2024_Redacted-V2.pdf
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
 
WSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdfWSMM Technology February.March Newsletter_vF.pdf
WSMM Technology February.March Newsletter_vF.pdf
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environment
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptx
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic Experiences
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deck
 
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptxThe Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
The Bizz Quiz-E-Summit-E-Cell-IITPatna.pptx
 
Interoperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverseInteroperability and ecosystems: Assembling the industrial metaverse
Interoperability and ecosystems: Assembling the industrial metaverse
 
business environment micro environment macro environment.pptx
business environment micro environment macro environment.pptxbusiness environment micro environment macro environment.pptx
business environment micro environment macro environment.pptx
 
Excvation Safety for safety officers reference
Excvation Safety for safety officers referenceExcvation Safety for safety officers reference
Excvation Safety for safety officers reference
 
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptxGo for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
Go for Rakhi Bazaar and Pick the Latest Bhaiya Bhabhi Rakhi.pptx
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdf
 
NAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors DataNAB Show Exhibitor List 2024 - Exhibitors Data
NAB Show Exhibitor List 2024 - Exhibitors Data
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS14680-51-4.pdf Good quality CAS Good quality CAS
14680-51-4.pdf Good quality CAS Good quality CAS
 

TalkTalk Data Breach Case Study

  • 1. Data Breach October 2015 1 Reputation risk management / Crisis management & communications / Cyber & data privacy communications
  • 3. 3 • 2003: founded as subsidiary of Carphone Warehouse • 2006: ‘Free broadband forever’ campaign marred by long waiting lists, poor service delivery, Advertising Standards Association (ASA) complaints • 2010: Dido Harding appointed CEO, demerges, lists • 2010: company publicly criticised by ICO for intrusive telephone marketing; discovered to have been incorrectly billing 65,000+ customers by Ofcom • 2012: second to market with integrated TV/broadband/phone/mobile bundle • Regularly rated amongst the worst UK landline and broadband service providers • The company suffers two data breaches earlier in 2015, and its share price had fallen 30% in the six months prior to its third breach TalkTalk – 2003-2015 Source: Ofcom - 2013, Which - 2015
  • 4. 4 Source: MarketForce - 2016 TalkTalk – customer loyalty (composite, 2015)
  • 5. 5 TalkTalk – financials (FY 2014) Source: TalkTalk – 2014
  • 6. 6 TalkTalk – non-financials (FY 2014) Source: TalkTalk – 2014
  • 7. 7Sources: Brand Finance, June 2015 TalkTalk – brand value (2015)
  • 8. 8Source: Reputation Institute, 2016 TalkTalk – corporate reputation (2015)
  • 10. 10 • DDoS attack followed by SQL injection by unknown assailant(s) takes down company website • TalkTalk updates website homepage to acknowledge attack and within 24 hours notifies regulators and customers of data breach and appoint external cyber investigators • With 4 million customers’ data at risk, initial media reports focus on the sources and impact of the attack • Hackers then post TalkTalk customer data online and demand ransom, triggering rumours and media coverage about customer fraud, and raising questions about the company’s security practices and honesty • TalkTalk claims attack had not affected ‘core systems’; with customers trying to break their contracts, the company offers to waive its customer termination fee • ICO regulatory investigation results in record GBP 400k fine; wide-ranging parliamentary enquiry into cyber security praises TalkTalk’s ‘strong crisis management response’ but is critical of its failure to plan properly for a cyber attack of this scale • Teenager attackers later convicted and jailed TalkTalk data breach – overview Source: UK Culture, Media & Sport Select Committee, 2016
  • 11. TalkTalk Data Breach Timeline – Oct/Nov 2015 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 Oct 21 22 23 24 25 26 27 28 29 30 31 Nov 1 2 3 4 5 6 7 8 9 10 TalkTalkMedia/socialmediaSharepriceExternalactors Cyber-attack Formally raised in Parliament, teenage hacker arrested & bailed Confirms 21k customers affected, 28k cards accessed, 1.2m customer details stolen Announces 12 months free credit monitoring with Noddle Police launch criminal investigation, ‘TalkTalk Hackers’ post data to Pastebin Second arrest Confirms 157k customers affected, 16k customers’ bank details & 28k ‘orphaned’ customer cards accessed Publicly confirms cyber-attack, notifies ICO Publishes update, states attack not on ‘core systems’ Detects DDoS attack, takes down customer website Publishes update, responds to Police arrest Publishes update, announces termination fee waiver House of Commons Culture, Media & Sport Committee launches inquiry Fourth arrestDDoS attack The Register reports website outage, customer complaints via email, social media Hackers send ransom to TT CEO Media/online speculation on attack origin Complaints about scams Customer letter distributed and published on TT website Customers complain of poor customer service, unusual account activity Coverage of fraudulent credit card activity Senior MP accuses TT of ‘cover-up’ & calls for inquiry Third arrest Suspect’s lawyers file privacy suits against Google, Twitter and three national newspapers Widespread negative reaction to TT confirmation of unencrypted data Customers complain of not being allowed to terminate contracts Confirms investigation by specialist cybersecurity firm 11
  • 12. 12 • Unclear nature of attack and motivation of attacker(s) • High visibility of attack due to its nature, scale and duration, the perceived quality of TalkTalk’s response, and recent data breaches at TalkTalk and other companies • The company’s historic reputation for poor quality product and customer service and, in the aftermath of the attack, its IT security • Ongoing rumours and scams involving TalkTalk contribute to fears about bank account info, rumours about customer fraud, and links to terrorism • A skeptical, combative media and blogosphere • Regulatory, parliamentary and criminal investigations into the attack • Thin leadership understanding of cybersecurity • Deepening pressure on TalkTalk’s CEO to resign Significant reputational challenges
  • 13. 13 • Attack nature and consequences • Source of attack • Impact on company operations • Impact on share price • Rumours of customer fraud • Safety of customer bank info • TalkTalk IT security practices • Data encryption • Tiscali integration TalkTalk data breach – talking points • Quality of TalkTalk response • Communications speed and accuracy of statements re number of customers impacted and types of data involved • Customer termination waiver fee • IT security fix • TalkTalk leadership & governance • CEO visibility, acknowledgement & apology • Board cybersecurity knowledge • Focus on top-line growth to the detriment of IT security, privacy, etc
  • 14. 14
  • 16. 16
  • 17. 17
  • 18. 18
  • 19. 19
  • 21. 21Source: City AM, 2015 Immediate share price impact
  • 23. 23Source: Alva, 2015 Immediate relative reputational impact
  • 24. 24
  • 25. 25 • Share price: -29% • Pre-tax profit: -56% • Customers: -100,000 • Financial costs: £60m – IT security – Legal – Marketing – Customer service Six-month impact (May 2016) • Customer satisfaction: +23% • Customer complaints: -44% • Customer churn rate: -0.1% • Trust in brand: +8% Source: TalkTalk, May 2016
  • 26. One-year impact (Oct 2016) Financial impact • Legal, IT, customer service, PR costs - £60m Financial performance • Customers -100k • YOY revenue +2.4% • YOY profits -56% • Share price -29% Reputational impact • Significant loss of customers due to poor IT security, contract terminations, customer support • High profile parliamentary inquiry into cybersecurity and privacy • Record ICO £400k fine; subsequent 100k fine for failure to prevent Wipro customer service scams • CEO resignation Reputational performance • Company reputation lagged peers by 2-3% • Customer satisfaction +23% • Trust in brand +8% 26
  • 29. • Speed and transparency of communications response • Dido Harding’s visibility, acknowledgement of responsibility, apology, and empathy during and after the crisis • The responsiveness of the company’s social media team What went well 29
  • 30. • Sometimes muddled and seemingly evasive nature of statements regarding the source, timing, size and impact of the breach, and about the types of data involved, encryption, and contract terminations • Victimhood claim when the breach was not an isolated incident and when TalkTalk seen as unprepared and selective with the facts • Decision to respond initially through the mainstream media, leading customers to complain of lack of direct communication by TalkTalk • Need for greater leadership and management knowledge of cyber attacks, customer security, technology jargon What could have worked better 30
  • 31. 31 • Strengthen cybersecurity; better understand the link between cybersecurity, corporate reputation and risk management, and ensure all are board-level responsibilities • Prepare a strong cyber/data breach incident response plan, including a multi- scenario communications plan, and regularly train incident response and crisis teams in different scenarios • Ensure communication about customer compensation is clear and timely, and is understood by customer service • Provide ongoing cybersecurity awareness education for leadership, employees and customers • Build constructive relationships with relevant cybersecurity-related stakeholders and opinion-formers in advance of an incident/crisis Implications for TalkTalk
  • 33. 33 FURTHER INFO +44 20 3856 3599 cp@charliepownall.com linkedin.com/in/charliepownall charliepownall.com