A teenage schoolboy has been arrested over the cyber attack on TalkTalk.
The 15-year-old was arrested on suspicion of stealing data from the internet firm’s website after police officers in Northern Ireland armed with a search warrant raided an address in County Antrim yesterday afternoon. He was taken in for questioning while his home was searched.
TalkTalk on its website said hackers who carried out the “significant and sustained cyberattack” had not accessed “sensitive financial information” such as credit and debit card numbers but may have got hold of account numbers and sort codes.
It added in the “unlikely event” a customer’s bank account has been raided as a “direct result of the cyber-attack” “then as a gesture of goodwill, on a case by case basis, we will waive termination fees”. A spokesman said: “TalkTalk can confirm that we have been informed by the Metropolitan Police of the arrest of a suspect in connection with the cyber attack on our website on October 21.
“We know this has been a worrying time for customers and we are grateful for the swift response and hard work of the police. We will continue to assist in the ongoing investigation.”
Scotland Yard said: “An arrest has been made in connection with the investigation into alleged data theft from the TalkTalk website.
“On Monday, 26 October, at approximately 4:20pm officers from the Police Service of Northern Ireland, working with detectives from the Metropolitan Police Cyber Crime Unit, executed a search warrant at an address in County Antrim, Northern Ireland. At the address, a 15-year-old boy was arrested on suspicion of Computer Misuse Act offences.
“!He has been taken into custody at a County Antrim police station where he will later be interviewed. A search of the address is ongoing and enquiries continue.”
Jesse Norman, chair of the Culture, Media and Sport Select Committee, is leading an inquiry into the alleged data breach.
The latest breach is the third in a spate of cyber attacks affecting TalkTalk in the last eight months, with incidents in August and February resulting in customers’ data being stolen.