A 15-year-old boy arrested in connection with the TalkTalk cyber attack has been freed on bail as the police investigation continues.
The teenager, who was detained in Co Antrim on Monday and questioned on suspicion of offences under the Computer Misuse Act, has been released pending further inquiries, police said.
Meanwhile, TalkTalk, which has four million UK customers, has pledged to waive exit fees in some cases where people want to leave their contract - but only if money is stolen from them.
In order to leave without being hit by a termination fee, customers will need to show that money was stolen from their bank account as a direct result of the cyber attack and not because they have handed over their personal details themselves.
The phone and broadband provider has said that in the “unlikely” event that cash is taken from someone’s account as a direct result of the cyber attack, then it will waive termination fees as a “gesture of goodwill”.
Customers will need to write to TalkTalk with proof of the fraudulent bank transaction and termination fees will be waived on a “case by case” basis, TalkTalk said.
Which? executive director Richard Lloyd said TalkTalk’s pledge is the “bare minimum” and urged it to consider all the ways in which customers could lose out from having their data compromised.
He said: “TalkTalk must treat their customers fairly by letting those affected leave their contracts without penalty and consider offering appropriate compensation.”
Financial Fraud Action UK has been warning consumers that fraudsters often use events such as the cyber attack to trick people into handing over personal details about themselves, which can then be used to empty victims’ bank accounts. They will bombard people with phone calls, texts and emails claiming to be from their bank, the police or telecoms companies following incidents such as this, in order to make their approaches appear more credible.
It said people should be extremely wary of any call, text or email they receive out of the blue.
TalkTalk said customers should monitor their accounts and report anything unusual to Action Fraud. It has said that bank account numbers and sort codes, like those printed on a cheque, may have been accessed.
But it continued: “Without more information, criminals can’t use these to take money from your bank account. Even then, the chances are very small indeed.”
The latest breach is the third in a spate of cyber attacks affecting TalkTalk in the last eight months, with incidents in August and February resulting in customers’ data being stolen.
A Met Police statement said the suspect had been bailed until a date in November.