TalkTalk’s hacking nightmare is hitting its shares.
While the British broadband provider claimed on Saturday that an attack on its website last week was “smaller than originally thought,” investors don’t seem to care.
Shares in TalkTalk were down nearly 9% mid-Monday morning. Shares are currently worth around 234 pence, down from more than 260 pence at the market open.
Here’s what that looks like:
The fall wiped out TalkTalk’s Friday rally. In early trading on Friday, shares plunged by 9%, before recovering and closing the day slightly up.
The way TalkTalk has handled the attack – in which hackers stole personal information of more than 4 million customers – hasn’t earned the confidence of market.
According to the Sunday Times, TalkTalk could be sued by thousands of customers claiming that the company has breached data protection laws.
As the Sunday Times reported, the company could also be set for an investigation by the Information Commissioner’s Office, which enforces the Data Protection Act. If TalkTalk is found to have broken any rules, it could be fined up to £500,000 ($767,000).
TalkTalk’s chief executive, Dido Harding is adamant the company hasn’t done anything wrong, saying the company “complied with all of our legal obligations in terms of storing of financial information.”
Over the weekend, some TalkTalk customers reported that money had been taken from their bank accounts. Sarah Laird told the BBC that £9,000 ($14,000) had been taken from her parents bank accounts.
Another customer, Hilary Foster, says that she had £600 (£921) stolen.
“I’m still very angry [about] the fact that my details are potentially out there somewhere on the internet and I’m going to have to keep checking my bank statements now for a long time,” she said.
TalkTalk says that there’s no confirmed evidence of anyone having money stolen so far, saying in a statement “We do know that there are a small number of customers who have previously been targeted by criminals and fallen victim to scams, and we are continuing to support those affected,”
The company has also come under fire from some customers for not allowing them to cancel their contracts for free. Two customers, Benedicte Earl and Paul Fisher, spoke to the Sunday Times, saying they’d been told it would cost them in excess of £200 to cancel their contracts early.
On Saturday, TalkTalk released a statement on its website, trying to calm fears about the attack, the statement included Dido Harding appearing in a video to try and explain what was going on.
In the video, Harding tells customers that the attack didn’t target TalkTalk’s core systems and was an attack on what she calls it’s “shopfront”.
Harding, a former board member at Sainsbury’s and Thomas Cook, also confirmed in the recorded statement that TalkTalk doesn’t store complete credit card details on its site, and that any details that were accessed would have been incomplete. The chief executive added that hackers would not be able to steal customers money with the information leaked “on its own”.