TalkTalk hires BAE Systems to investigate cyber attack

Shares in the British broadband provider TalkTalk slide 9 percent as it grapples with the effects of a cyber attack on the company, hiring BAE Systems to investigate.

LONDON, ENGLAND, UK (REUTERS) – TalkTalk, which is in the FTSE 250 mid-cap index rather than the blue-chip FTSE 100, slid 9 percent on Monday (October 26) as it grappled with the effects of a cyber attack on the company,

The shares fell after the British broadband provider TalkTalk said on Sunday (October 25) it had hired defence company BAE Systems to investigate a cyber attack that may have led to the theft of personal data from its more than 4 million customers.

TalkTalk said on Friday (October 23) it had received a ransom demand from an unidentified party for the attack, which has led to calls for greater regulation of how companies and public bodies manage personal data.

A spokeswoman for BAE’s Applied Intelligence division said the company’s cyber-specialists were analysing “vast quantities” of data to help establish how the breach happened and what information was stolen.

Jan Randolph is Director of Sovereign Risk Analysis at IHS Global Insight.

“I think the TalkTalk saga is very much shown and brought out into light how important cyber security is, I think all companies, all banks will review their own cyber security defences and policies. In some ways this has been a positive, the ways in which hackers out there have been able to damage reputations but also the share price ultimately of companies that have been under attack. This is normally the stuff of movies, but it is now for real and I think many companies and banks will review their cyber security policies in the light of TalkTalk,” Randolph said.

The Metropolitan Police Cyber Crime Unit is also conducting a criminal investigation into the attack.

While TalkTalk said on Saturday (October 24) it did not believe the information accessed would enable hackers to steal money from its customers, British newspapers on Sunday carried stories of individuals who said callers posing as TalkTalk employees had taken money from their bank accounts.

Agari’s EMEA Director Darren White thinks hiring BAE is a good step.

“It is a good move and I think BAE will help them understand exactly what went wrong and what areas they need to fix, and that will only help TalkTalk’s business and their consumers be better protected in the future,” White said.

White said TalkTalk CEO Dido Harding has responded well to the attack.

“There is never an easy way to respond and it is quite challenging. I think she has done a pretty good job, all considered, again it is about keeping it simple, they have been rather unfortunate and had three major attacks but I think so far she has handled it pretty well,” he said.

White said other companies will be worried about cyber attacks happening to them.

“I think a lot of companies will be thinking exactly that and I think it is a very real challenge to most organizations, it doesn’t matter how big you are, how small you are, who you are, everybody is vulnerable to a cyber attack,” White added.

Many customers took to social media to complain about their treatment following the attack, TalkTalk’s third data breach this year, with media also reporting some had been told they faced hundreds of pounds in fees to leave the provider.

Britain’s Information Commissioner watchdog, which can impose fines of up to 500,000 pounds ($765,600), has said it is looking into the incident but security experts said the prevalence of cyber crime showed more needed to be done.

Data released by the Office for National Statistics this month showed there were nearly 2.5 million incidents of cyber crime in the year to June 2015.