TalkTalk shares drop 10.7% despite research that breaches don't cause drops

The last lot of research I saw (Ponemon Institue) said that comms companies can expect to lose about 5% of their customers following a breach, whether they were personally affected or not. Surely that possibility frightens shareholders and makes the company worth less, at least in the short term?

What kind of idiot thinks data breached don't cause a drop in share price?

A breach causes a loss in customer confidence, makes customers want to leave, makes some customers actually leave, exposes the company to lawsuits, proves the company isn't a secure/study as it once believed itself to be, more often that not reveals a need to spend to secure, the list goes on.

Something of this magnitude will help or harm a share price and you have to be pretty thick (IMHO) to think that it will make your company worth more.

Speaking of short term.... I would look at who made money by shorting these shares. Not that correlation is causation, but still. Makes you wonder eh?

Only down -2.1% as of 14:42 -- might still end the day up.

what else is going on

Given the continued poor levels of customer service even before this and after the 'new management' had turned this service issue around are we sure this just isnt an excuse by the investors to show disapproval.

just like the CEO of Target wasnt ousted due to the breach there (it was a failed attempt the start Target in Canada) what else has TalkTalk not been able to do?

This is the first article I've seen say that TT are going to offer free credit monitoring so at least they are improving their response a little. Although to be honest it should be free insurance against identity theft for at least a year, possibly longer.

I just hope they get slapped hard enough! The force of which should be adjusted depending on things like what data was and was not encrypted and with what, their response time, their response actions, their plans for the future and of course what the flaw was and if it was easily preventable.

'An article published in the Harvard Business Review earlier this year claimed that data breaches "don't hurt stock prices" due to shareholders lacking "good metrics, tools, and approaches to measure the impact of cyber attacks on businesses and translate that into a dollar value."'

On the other hand shareholders might just notice the company hitting the headlines and not in a good way. The good news is that with all those Harvard MBAs not having good metrics etc, those who decide to sell might still get a good price.

"Despite these attempts at remediating the breach" ?????

Do they mean 'remedying' or is this another symptom of the hack?

if they think the prime reason for the data leak is a ddos (unlikely in the extreme) does this mean strengthening their servers against ddos means we can look forward to another hack by the actual method (which will probably remain unpatched) in a few months time?

Self-fulfilling prophecy

If the whole thing blows over, they can claim, "Look! Data breaches don't matter.".

If instead they lose all their customers and get fined and banned and jailed, it will be those things that caused the share price drop.

"TalkTalk, which has only four million customers who may have been affected by the cyber attack"

Well we now know this isn't true - they still had data on old customers, who also could be affected.

Data breaches: depends on how you look at it

Harvard uses stock price, but stock prices are subject to lots of other effects like Fed funds rate changes as well as overall risk aversion/taking levels.

Equally, costs of data breaches aren't immediate - they're spread out over multiple quarters as incident response and civil lawsuits get resolved.

If you look at it another way, however, I think investors do care. If a CEO manages to lose $150M by being a poor leader - which Home Depot and Target have lost to date even after taking into account $100M insurance policy payback - said CEO can get fired (and has in one case).

Clearly SOMEBODY cares.