TalkTalk – UK telco operator hit hard

16 December 2015

Cyber-attacks and data breach incidents have saturated discussion and press articles in the press in recent months. 2015 is the year such high profile attacks not only became real, but commonplace in the UK and TalkTalk is arguably one of the most severe incidents affecting a telecommunications operator. In this bulletin we share some insights from this high profile incident and potential implications for other Communications, Technology and Media (CTM) companies, in particular telecommunications operators and other consumer-facing CTM companies.

TalkTalk Telecom Group plc (TalkTalk) is a quad-play (mobile, fixed, broadband, TV) UK-domiciled telecommunications operator, with annual revenues of circa GBP 1.795 billion. The company was initially founded in 2003 as a subsidiary of Carphone Warehouse and then in 2010, became a separate company via a demerger.

Since then the company has evolved to a quad-play service, with around four million customers, and also provides services to enterprise customers. It is a FTSE 250 company listed on the London Stock Exchange (LSE), and headquartered in London. 

In October 2015 TalkTalk suffered a cyberattack resulting in the shutting down of its websites and loss of sensitive personal information and financial customer information. This follows on from two previous events in February and August 2015. Overleaf, we analyse the main series of events which followed throughout October and November.

The hack was originally speculated to have been carried out by threat actors ranging from cyber-extortionists (demanding 80,000 bitcoins valued at circa GBP 17 million) to a form of cyber activism carried out by a Russian Islamic Extremist group. Still, as at today and particularly within the midst of the event, there were mixed messages and confusion.

Currently, the Metropolitan Police (Met) cybercrime unit and National Crime Agency (NCA)3 are running various investigations and we most likely will hear in due course the rationale, methodology and motives behind the attacks – as on a wider basis, cyber defence and security has now become a high category topic at a UK Government level6. 

This is a preview of our detailed paper, to obtain the full version please contact Sarah Stephens, Head of Cyber, Technology and Media E&O on +44 (0)20 7558 3548 or email alternatively contact Kate Payne, Head of Comm Tech on +44 (0)20 7528 4445 or email