Fifteen year old boy arrested in connection with TalkTalk hacking scandal

By

Sharecast News | 26 Oct, 2015

Updated : 16:35

A fifteen year-old boy has been arrested in County Antrim, Northern Ireland, in connection with the hacking of TalkTalk customer details.

On Monday, 26 October, at approximately 16:20 GMT officers from the Police Service of Northern Ireland (PSNI), working with detectives from the Metropolitan Police Cyber Crime Unit (MPCCU), executed a search warrant at an address in County Antrim, Northern Ireland, Scotland Yard said in a statement.

It had been alleged by digital security blogger Brian Krebs that the hacker only asked for $80,000 in a ransom demand sent to TalkTalk.

The company asked that customers who believed they have been directly affected by this alleged data theft should visit the company's website at http://help2.talktalk.co.uk/oct22incident.

A parliamentary inquiry into the attack has been planned, culture minister Ed Vaizey told the House of Commons on Monday, with some MPs questioning why in the US companies can be fined millions for failing to protect customer data while in the UK TalkTalk is only liable for a maximum £0.5m fine from the Information Commissioner's Office (ICO).

Although the hacker turned out to be a minor, TalkTalk still has the threat of thousands of legal claims hanging over its head, on top of an expected customer exodus from those angry that the company has failed to effectively protect sensitive data.

Analysts have calculated that the cyber-attack could cost TalkTalk more than £50m-£70 in lost revenue and other related costs, while others have put costs into the hundred of millions.

But in an interview with the Sunday Times, TalkTalk chief executive Dido Harding said the company was under no "legal obligation" to encrypt sensitive customer data, such as bank account details.

"It wasn't encrypted, nor are you legally required to encrypt it," she told the newspaper. "We have complied with all of our legal obligations in terms of storing of financial information."

However, lawyers have argued that customers who claim TalkTalk has breached data protection laws could sue the firm, with potential payouts of about £1,000 per person.

The company could also be subject to a probe by the Information Commissioner’s Office as to whether it breached the Data Protection Act by failing to protect customer details, with a £0.5m penalty within the ICO's powers.

Analysts at Berenberg predicted the full fallout from the hacking episode could escalate massively: "In a statement to customers, TalkTalk said it was looking to offer a year’s free credit checking to its 4.2m customers. This would likely come at a cost."

A worst-case scenario would be to take a typical credit checking offer would be £380m, they said, "which would wipe out this year’s EBITDA, and more. Whatever it does, the company is clearly worried about the affect on its subscriber share, and rightly so given the high cost of customer acquisition and churn."

However, David Battersby, investment manager at Redmayne-Bentley, saw potential in TalkTalk shares, believing the market had overreacted and predicting the company will not suffer too badly from a customer exodus.

He said that recent price declines, along with the group's dividend yield near 6% had made the stock attractive.

Last news