UK telco TalkTalk's cyber security woes continue – the company has announced that it lost more than 100,000 customers following its high-profile security breach last October, and the cost has since ballooned to more than twice as much as they expected.
It is is now predicting that it will lose between £75 and £80 million – more than double the £30 million to £35 million they forecast in November.
The costs include the one-off £40-45 million, a £15 million impact on trading, and 20 million from its reduced customer based in the final quarter of the fiscal year.
Although the 100,000 customers lost represent just a tiny fraction of its customer base, the impact on its reputation could be significant.
> See also: Unencrypted data of 4 million TalkTalk customers left exposed in 'sustained and significant' attack
As Farida Gibbs, founder and CEO at Gibbs S3, comments, these rising clean-up costs, and the impact of reputational damage on TalkTalk’s brand, highlight the compelling business case for implementing sophisticated cyber-security measures.
'Businesses may be averse to the expense of building this strong infrastructure, but firms who fail to prepare risk facing the prohibitive costs of a hack, an outlay which they cannot plan for.'
'TalkTalk’s rising bill highlights just how unexpected the real price of a cyber-attack can be,' Gibbs adds.
And public sector organisations have even more to lose from a potential hack, making TalkTalk's bill seem like small fry in comparison – a serious cyber attack on HMRC during the tax return season could cost the organisation over £13 billion in compensation claims, according to new research out today.
> See also: If you TalkTalk, you should walk the walk: a case of social responsibility
Three quarters of people would expect to receive compensation if their personal and financial data was lost in this way. With ten million people expected to submit their tax returns online by the end of January, consumers are urged to be alert to potential scams.
If HMRC suffered a cyber attack in which this data was compromised, the organisation could face a potential compensation bill of £13,160,000,000.
'The average consumer is worryingly innocent to the potential risks of data theft and identity fraud online,' said Brian Spector, CEO at MIRACL. The truth is that criminals are harnessing ever-more sophisticated methods to steal personal and financial data, wreaking enormous damage to those involved. This is a multi-billion dollar business and so people must be vigilant.'
Beyond the monetary risks, the study also outlines the wider reputational damage faced by organisations that suffer data breaches. The vast majority of those consumers surveyed (85%) said that they would not use a website or online service again if their details were stolen from that website.
'Companies like TalkTalk who suffer a serious data breach face a multi-headed monster of problems,' continued Spector.
'Not only are they presented with huge compensation claims from victims, but they also have to deal with serious reputational damage. This can lead to a mass exodus of customers and a sharp decline in share value. Cyber attacks aren’t just a problem for IT teams, but a real threat to an organisation’s survival.'