"some customers had initially attempted to kill their contracts immediately after TalkTalk revealed it had suffered a security breach, only to apparently change their minds"
s/apparently change their minds/be threatened with penalties/
Shares in TalkTalk climbed more than 12 per cent, following the company's first half fiscal report to the City this morning. The budget telco's boss Dido Harding was bullish about TalkTalk's response to the attack on its systems last month. She claimed during a conference call with journalists and analysts that some customers …
bbc this morning featured the CEO and a customer who says he's had £10k lifted from bank account courtesy of leak. CEO's response? "talk to bank". Customer? "Bank said TalkTalk have responsibility if they made details available" (paraphrasing, it was several hours ago). CEO response? Nothing. Just mumbled platitudes.
"bbc this morning featured the CEO and a customer who says he's had £10k lifted from bank account courtesy of leak. CEO's response? "talk to bank". Customer? "Bank said TalkTalk have responsibility if they made details available" (paraphrasing, it was several hours ago). CEO response? Nothing. Just mumbled platitudes."
AFAIK, the CEO's actually right on this one, it ought to be the bank refunding the customer IMMEDIATELY regardless of how the leak happened, for any value over £50. Then the bank determines who's liable, and then sues TalkTalk for the combined cash value nicked from all it's customers in relation to the theft.
see https://www.moneyadviceservice.org.uk/en/articles/identity-theft-and-scams-what-you-are-liable-for
Naselus - I'm sure you are right, and if she was interested in telling people what happened, what to do about it, and providing accurate information she could have said that.
(There is the important caveat on that £50 limit, of course - it applies once you have told your bank that you believe your information compromised.)
I suspect that you are right.
People just don't want the hassle of changing to a new provider; TalkTalk know this as well as anyone and it's true for most of the utility companies. Just make it a bit difficult to swap and a lot of customers will simple carry on as they simply cannot be bothered to keep on trying to get things changed.
Personally, after all of this, I would drop them and close the service completely rather than have to accept the risk that they might bugger up again.
> s/apparently change their minds/be threatened with penalties/
When you already have one ball dangling so long as that one is hurt you won't be thinking about any others.
Think this thing through. She is obviously not talking about prospective customers, there is no way that they are going to get those back. Hysteresis in the system is probably the only reason they still have a sales force. If I was working for them I'd put in for my holidays to help wait it out.
But if I had the chance of work in a chip-shop, I'd be off right now. I bet the area around head office has been swamped with potential bus drivers and gardeners. Even pubs will be turning away bar staff hopefuls.
So that was misdirection one.
The blip is not over with the customers she says are staying. Once their waiting period is up, we will see who goes next. A steady drain is likely. It will slow eventually, if you want cheap you will accept rubbish. It is a lifestyle many adopted a lifetime ago.
Most people in that market don't know or understand that their ISP is never going to bother with encryption or anything else preventative. I doubt half their customers even care, due to ignorance.
But some will learn. The ones that never got hit will feel born lucky and anyway T Mobile got it too... ...so there.
That is the second point.
The third is that some will have heard that TALKTALK made a mistake with their advertising and some will be hoping for another Hoover Air Miles thing.
I don't know how likely that is but the customer base is as base as base gets: All you base base belong us basic. If Mistress Dildo thinks it is over she should realise she will have to walk the walk George Bush had to before it is really over and realisation has to be dawning for her even now.
TalkTalk will have magicked up all sorts of sweeteners for people threatening to cancel - suddenly much cheaper contracts and freebies will materialise which couldn't be offered to loyal customers.
Depressing to think that there are still people dumb enough to renew with Dido's Telecom Shysters.
"Yesterday's security might have been good enough but it's not going to be good enough tomorrow," she said. "I expect we will take security considerably more seriously than ever."
I would respectfully disagree and suggest that yesterdays security was in fact, not good enough.
You'd have to get someone else to make it first so that Hirst could then rip off the idea and inflate the perceived value of the item.
I posted a comment under the T-Moblie/Experian report to the effect that one solution to dealing with major corporate failings would be that adopted after the Apple ebook pricing case: the appointment by TPTB of a competent, independent auditor/inspector to be paid for by the company. The role would be to investigate thoroughly and require any remedial action. I'll extend that idea to include vetting any statements made by or on behalf of the company during and after the event and to correct them and censure the spokesperson where appropriate.
That would mean any public statement by the company would be delayed by at least three days*, until the auditor has regained his/her composure. "You want to say WHAT?"
* not a bad thing in itself, only that customers may be waiting for a response in cases like these.
Cuddles,
you are probably right, but having just suffered a 4.5 month (MONTH) argument with TalkCrap, to get anything like the speed I should get from my "upgraded" service (16MB achieved, as against 39 to 40 promised) I can say that I will probably stay with them.
REASON: apart from 2m of cable from the BT so-called "Master Socket" to the router, the wireless router itself and the digi-box-TV-fella, everything else is BT or our quality British broadcasters. Apart from the billing and the package offered, there is very little to chose between them.
BT - expensive and football mad (which I detest). Special offers which run out and cost a lot more.
Only evening and weekend calls free (TT is up to one hour). Cap on download volumes
Virgin - not available
Sky - see football comment and the fact that their customer service is as crap as TT
Plusnet - BT in drag
Cheers.
Ho hum, so I'll stick with the poor customer service as I don't intend to talk to them for years to come
Plusnet are actually pretty good - it worries me that they can send out your password in cleartext, and that they now charge for CC payments so they have my bank details, but I have several emails assuring me that they are secure - so WHEN they get hacked I'll be rolling them out.
'Virgin got out of the DSL business and sold it to TalkTalk.' - and that's how some of us ended up being TT customers - I'd leave if I could take my wife's virgin.net email with me/us (I've tried to get a domain name for her but her resistance to change is very high - other suggestions welcome - divorce too extreme)
Still, TT do save me 24p a month compared to Virgin!
Harding added that there were "very early indications that customers think that we're doing the right thing".
TalkTalk has repeatedly claimed that it had been completely transparent with customers about the attack on its website. On Wednesday morning, the firm said that the "majority of customers support our approach".
Yes I shall believe this with all the confidence I had with one of General Sissi's aides going on about freedom and an independent judiciary in Egypt. You have to admit she has balls to come out with this sort of stuff.
I guess El Reg isn't on her reading list (its only the leading UK IT news service so why bother?) and I doubt the journos are on her Christmas Card list either.
Walk, Dido, walk
This post has been deleted by its author
From today's Talktalk FAQ for customers about how well they have responded:
"Are all my details encrypted?
We are fully compliant with industry standards on encryption for customer personal information".
So that's a No.
(And does anyone know what these industry standards are? Talktalk don't say)
Talk Talk have been putting up the deflector shields since the attack. I used their online chat system to enquire about my contract details last week as I couldn't access the Online Management system. Before they answered my question I got three lots of copy and paste about the incident and what they were doing. I never asked for that information they just chucked it out there to deflect any criticism.
Luckily I've just passed the end of my fixed term contract so I'm off to pastures new.
Funnily enough since my "chat" with support and a couple of phone calls to sort out my leaving arrangements my broadband has been up and down like a bleedin yoyo. Which means I've had to spend yet more time dealing with the script monkeys and cut and paste merchants. #gladimleaving
Sexism #fail for not realising that the boss is a woman.
Chief spokesperson Dido may be female, but the chairman is Charley Dunstone. And funnily enough another business that he's chairman of (Carphone Dixons) had a recent data breach. Seems to me that he's running boards that have decided that customer data takes a back seat to investor interests - "shadow of the leader" and all that.....
It's patently clear the original comment was referring to DieDie Harding when they said boss. They even quoted her. So they are also incorrect in calling her boss. The reply was merely correcting the original poster that the person they were referring to is a woman, not a man.
I'm pretty sure most people wouldn't think the reply was indicating the gender of the real boss.
As a TalkTalk customer, I do not think they've done the right thing at all.
They did not promptly tell me that they'd been hacked - they did that a couple of days after it'd been widely reported in the media.
They'd already leaked my personal details anyway, as I'd already been called by 'TalkTalk' about a fault on my broadband which could damage my computer. Caller knew my name, address and TalkTalk account number.
By taking their site down, and keeping it down for so long, they prevented me from logging-in to pay my bill quickly, making me lose out on the Speedy Payment Discount.
They'd also left me wondering (until the site came back up today) why my bill last month had gone up. (Turned out to be the end of my promotional discount.)
Anyway, I'll soon be an ex-customer, I was only still there because I'd been awaiting the end of my lock-in period. My leaving was delayed a couple of weeks because their call centre (in Durban) put the wrong kind of cancellation on my account but after cancelling my cancellation, my new provider can take over my line.
Wanting to know when my contract was up (30 days rolling!) I had to phone customer service. A nice Indian lady asked me a number of security questions and then asked me for me password!!!! I refused and explained why. At the end of conversation she asked me why was leaving TT, FFS.
"My leaving was delayed a couple of weeks because their call centre (in Durban) put the wrong kind of cancellation on my account"
If your'e serious about leaving, NEVER give them advance notice. Just got to the other ISP and get them to do the legwork.
TT have a nasty habit of using the notice period to stall you, or (worse) to cease your line a day or so before the new ISP takes over which incurs a £100 reconnection fee.
In todays BBC article* on the subject, apparently the business community is pleased with TalkTalk's performance... and apparent retention of most of their customers.
Dido/TalkTalk PR machine is/are now trying to defuse the lack of encryption with:
"I can confirm that we're compliant with all encryption requirements for the industry, but actually it's not just about encryption," she said.
"So one of the reasons why none of our customers' credit card details were stolen in a way that means they can be used is because they were more than encrypted.
"They were what's called obfuscated - obscured. So that nowhere in the system did we actually hold all of their credit card number.
So yeah, it's all about obfuscation. It's better than encryption. Riiiiight!
"So yeah, it's all about obfuscation. It's better than encryption. Riiiiight!"
Well....to play devils advocate on this one point, she is right. Anything encrypted can be decrypted given time and resources. But if the info isn't there in the first place, it can't stolen/copied/hacked/decrypted. Note that I am ONLY referring to the one specific point about the credit card number and I'm not saying that what was stolen isn't useful to scammers, or even that she's telling the whole truth.. I'd still not trust her or TalkTalk.
That just goes to prove that analysts and their ilk have no real clue about the companies they are dealing with and explains a lot about why shares can go up and down on apparent whims.
The share price rise is based on a report which details performance BEFORE this latest data breach all kicked off. If I was a share holder in Talk Talk I'd be bailing out on this rise right now because I'd expect the next report to be a bit less optimistic.