The data hacked in the TalkTalk cyber attack ‘is significantly less than suspected’ with fewer than 21,000 bank details accessed, the company has said.
TalkTalk today revealed that 1.2 million customer email addresses, names and phone numbers were accessed, along with around 28,000 obscured credit and debit card details, and fewer than 15,000 customer dates of birth.
‘Even though the scale of the attack is significantly smaller than initially suspected, we continue to advise customers to be vigilant, and to take all precautions possible to protect themselves from scam phone calls and emails,’ a spokesman said.
Earlier, the Metropolitan Police revealed that a second boy has been arrested in connection with the alleged attack.
The 16-year-old, from Feltham in west London, was held on suspicion of computer misuse after a search of his home yesterday.
The teenager has been bailed to a date yet to be confirmed.
A 15-year-old boy from County Antrim in Northern Ireland was arrested on Monday in connection with the alleged data theft. He was bailed until a date in November.
The investigation is being carried out by the Met’s cyber crime unit, the PSNI’s cyber crime centre and the National Crime Agency.
The latest breach is the third in a spate of cyber attacks affecting TalkTalk in the last eight months, with incidents in August and February resulting in customers’ data being taken.
Police confirmed officers also carried out a search at a residential property in Liverpool in connection with the cyber attack.
Inquiries by the Met’s cyber crime unit and officers from the National Crime Agency, the British equivalent of the FBI, continue.
The first boy arrested, from Northern Ireland, is known to like the Call Of Duty video game which simulates warfare, neighbours said.