Last week, UK telecoms service Talk Talk announced that it had been the victim of “a significant and sustained cyberattack”. In the third hacking incident that the company has suffered this year, sensitive information belonging to thousands of customers was stolen, including phone numbers and bank account details.

Talk Talk has understandably come under some heavy fire in the media, and has been very present on Twitter from the beginning of the crisis. We used the Visibrain platform to break down how the crisis unfurled on Twitter, how Talk Talk reacted as a company, and what tweeters had to say about the cybersecurity disaster.

Crisis timeline

Since the crisis broke on Thursday October 22nd, there have been 183,323 tweets about Talk Talk by 70,454 users. The hacking scandal was a trending topic for two full days: the screenshot from the Visibrain platform below shows tweet volumes for the subject being very high on Thursday and Friday:

Although the hack wasn’t officially announced until Thursday, customers had already started to experience problems the day before. If we look at top tweets for October 21st, this tweet from @TalkTalkCare apologizing for issues with their website and email access is in the top 3:

Good morning. We're sorry if anyone is having problems with My Account this morning. Our engineers are investigating https://t.co/ukB8Em5JyF

— TalkTalk (@TalkTalkCare) October 21, 2015

The crisis broke on the evening of October 22nd. If we look at the tweet volume timeline below, we can see that the number of tweets started to rise considerably just before 9 pm:

By sorting tweets by date and time of publication, we can find out how it all started: the first person to tweet about the scandal was actually Daily Mail journalist Katherine Rushton @kerushton, at 8.47 pm:

Just one minute later, she was retweeted by Bloomberg journalist Clementine Fletcher @clemfletch.

Talk Talk officially tweeted about the hack at 8.57 pm:

Our website was subjected to a significant and sustained #cyberattack. There’s more information here https://t.co/yQK3Q73AjW

— TalkTalk (@TalkTalkCare) October 22, 2015

Within minutes, the story had been tweeted by BBC News, Sky News, and The Independent.

Police investigating "significant and sustained cyber-attack" on TalkTalk website, UK company says https://t.co/r1m4cxjk5H

— BBC Breaking News (@BBCBreaking) October 22, 2015

#TalkTalk says a criminal investigation has been launched following a "significant and sustained" cyber attack on their website yesterday

— Sky News Newsdesk (@SkyNewsBreak) October 22, 2015

Police launch investigation into cyberattack on TalkTalk website https://t.co/atnowJZfq1

— The Independent (@Independent) October 22, 2015

News of the crisis continued to spread, and on Friday October 23rd, Talk Talk’s CEO declared she had received a ransom email demanding money in exchange for the stolen data.

Twitter traffic calmed down over rest of the weekend, but spiked sharply again this week on Monday evening when it was announced that a 15 year-old boy had been arrested in connection with the hackings.

Customers rush to Twitter for answers

The customer response to the hacking was immediate and intense, with many taking to Twitter with their questions and concerns: 70% of tweets sent after the crisis broke on Twitter were originals, showing that users were writing their own tweets, not simply retweeting the news.

Within just three hours of the crisis breaking, @TalkTalkCare and @TalkTalk_UK had received 1,738 mentions, compared to just 188 in the three hours prior. Talk Talk Care was flooded with messages as customers tried to find out what had happened to their data.

A sample of the top tweets mentioning @TalkTalkCare shows that customers were far from happy, complaining about the fact that Talk Talk had suffered from hacks in the past and that they had received no notification from Talk Talk beyond the mainstream media:

So what kind of questions were customers tweeting the most? If we look at top expressions used in tweets mentioning @TalkTalkCare over the past week, we can see that “contract” figures among the most-tweeted words.

By clicking on the expression, we can view tweets in which it was used to better understand the context. The screenshot below shows that many customers were trying to find out if they could cancel their contracts without suffering penalties:

All in all, not good news for Talk Talk. With its reputation in tatters and large amounts of customers set to leave, how did the company use Twitter to handle the crisis?

##TalkTalk maintains a steady dialogue

Of course, Talk Talk has come under a hail of criticism since the start of the crisis, and the company has been working hard to stay present on Twitter.

Since the scandal broke, @TalkTalkCare and @TalkTalk_UK have sent a staggering 4,932 tweets. That’s a very high number of messages, even if we take into account the fact the @TalkTalkCare deals with everyday customer support. As well as publishing general updates, the @TalkTalkCare account was used to answer worried customers individually:

In spite of taking the time to respond to individual queries however, some of the more difficult matters, such as customers wishing to break contract without penalty, were being carefully avoided by Talk Talk:

@WestBromEL Hi, Each customer will be dealt with individually and all circumstances considered before any decision is agreed. Karl.

— TalkTalk (@TalkTalkCare) October 25, 2015

Customers were understandably frustrated by these particular tactics.

Talk Talk’s CEO comes under fire

As was the case with the recent Volkswagen crisis, Talk Talk’s CEO Dido Harding did not come out unscathed. She was the target of harsh comments and ridicule on Twitter after admitting not being aware of many of the company’s cybersecurity procedures, including whether or not the stolen data had been correctly encrypted.

If we use her name and title as filters within the Visibrain platform, we can see that 8,505 tweets have mentioned Dido Harding over the past week, and the most-retweeted posts are far from complimentary:

Several anti-Talk Talk accounts attempted to share Harding’s email address to encourage customers to contact her and demand compensation:

HAVE A #TALKTALK COMPLAINT? EMAIL: dido.harding@talktalkplc.com CEO CAN HELP U, BUT 100,000s LEAVING #TALKTALK RT https://t.co/rwHsCqxmZ1

— FORGETTALKTALK (@forgettalktalk) October 23, 2015

Although we can’t know if the address is truly genuine, it is the most commonly used expression in tweets mentioning Talk Talk’s CEO, appearing thousands of times:

Dido Harding does not appear to have a Twitter account, and has not tweeted personally about the crisis, although she apologized to customers in a video tweeted by the @TalkTalkCare account:

Following the #CyberAttack on our website, our priority is helping you stay safe and secure. https://t.co/7Q8OWnCCWB

— TalkTalk (@TalkTalk_UK) October 24, 2015

---

This most recent hack has been extremely damaging to Talk Talk’s reputation. Although a clear effort was made to communicate with customers and remain transparent, it may not be enough: Talk Talk has been unable to answer some major questions and customers remain very unsatisfied with the lack of explanation or compensation offered.

As we saw with the recent Ashley Madison hacks, cybersecurity is clearly becoming a major issue for companies and their customers. Only time will tell if Talk Talk will manage to win back the trust of its client base.

---

Subscribe to the newsletter

Stay up to date and subscribe to our newsletter and receive media monitoring best practices, social data trends & exclusive case studies: