According to police, the suspect was arrested by officers from the Police Service of Northern Ireland, cooperating with detectives from the Metropolitan police’s cybercrime unit, on suspicion of offences under the Computer Misuse Act. The boy was taken into custody to be interviewed. The phone and broadband provider responded that it was grateful for the swift response and hard work of the authorities and promised to continue to assist with the ongoing investigation.
TalkTalk recently announced that the company’s executives would be summoned before MPs to explain how hackers managed to steal customer bank details. Meanwhile, the provider is trying to limit the damage of the hacking attack. An inquiry into the incident was launched by a chair of the culture, media and sport select committee, after which TalkTalk claimed that the amount of data was lower than first estimated and that banking details were safe. Now the main question seems to be whether TalkTalk had properly protected itself, and whether sufficient fines are in place for data breaches. It is known that in the wake of the hack, the company claimed that its cybersecurity was much better than that of its competitors. On the other hand, security experts claimed that the TalkTalk attack was expected and pointed out the company’s failings.
So far, the service provider is facing a maximum fine of £500,000 despite its annual turnover of £1.8bn. It was called to release affected customers without imposing early termination charges. Exit penalties have to be paid by the subscribers if they opt to leave mid-contract. The fines can reach £300 in the telecoms sector. However, TalkTalk claimed that it would only let people leave without penalty if money is stolen from a customer’s bank account in result of this hack. For example, after the previous data breach, scammers have repeatedly called TalkTalk customers to quote them their account numbers and gain their trust.