This article is more than 1 year old
TalkTalk shares drop 10.7% despite research that breaches don't cause drops
Harvard brains claim investors don't care about big hacks
Shares in TalkTalk dropped by 10.7 per cent this morning after the company released a statement admitting that a "cyber attack" may have exposed the data of its four million customers.
TalkTalk is contacting all of its customers following what it called "a significant and sustained cyber attack" and intends to offer them free credit monitoring for a year to mitigate their exposure to identity thieves.
Despite these attempts at remediating the breach, London-listed shares in TalkTalk had dropped "as much as 9.5 per cent in the early minutes of trading on Friday," reported (£) the Financial Times, which continued that they "have fallen almost a fifth this week."
The share price drop is unusual and exceeds that experienced by Carphone Warehouse earlier this year, when its shares opened 1.7 per cent lower on Monday than they had closed on the Friday preceding its weekend confession.
An article published in the Harvard Business Review earlier this year claimed that data breaches "don't hurt stock prices" due to shareholders lacking "good metrics, tools, and approaches to measure the impact of cyber attacks on businesses and translate that into a dollar value."
The HBR noted how, despite the enormous scale of a data breach at JPMorgan Chase last year, in which the megabank had exposed the details of 76 million households and seven million small businesses, the company's stock prices had remained stable – indeed, had actually begun to rise by the beginning of the following month.
TalkTalk, which has only four million customers who may have been affected by the cyber attack, has formally notified the Information Commissioner's Office about the breach. The ICO has stated that it is "aware of this incident, which was reported to us on Thursday afternoon. We will be making enquiries and liaising with the police."
The telecommunications company has continued to confuse many onlookers by stating that the customers' data may have been compromised via a Distributed Denial of Service (DDoS) attack which had targeted the company's website, despite this being technically impossible. ®
The Register has created a timeline of TalkTalk's contradictory comments following on from the initial announcement of a website outage.