The identity of the suspect is not disclosed.
Advertisement
He has been taken into custody at Antrim police station and is being questioned by detectives from the Police Service of Northern Ireland.
On October 22nd, the company admitted that customer data including names, addresses, account information and credit card/bank data had been stolen following an attack on its website.
TalkTalk has said that it will only waive contract termination fees for customers that have money stolen from them following last week’s cyber attack.
TalkTalk provides fixed-line and broadband services to roughly four million customers in Britain.
Legally, the company is also facing a maximum fine of £0.5 million ($0.76 million / €0.45 million), which is pocket change for a firm that had revenues of £1.8 billion ($2.76 billion / €2.5 billion) only past year.
“Bank account numbers and sort codes (as you would find printed on a check) may have been accessed”.
The company said it did not know how much of its customer information had been encrypted following the third cyber attack that hit the company in the last 12 months.
According to a statement given by the Metropolitan Police, he was arrested “on suspicion of Computer Misuse Act offenses”.
Police have said enquiries are still ongoing, with a search of the boy’s address now under way.
Despite Harding’s attempts to play down the seriousness of the incident, once cyber-criminals have access to an individual’s personal details it could open the floodgates to a wide range of information theft and fraud.
Jesse Norman, chair of the Culture, Media and Sport Select Committee, is leading an inquiry into the alleged data breach.
Advertisement
The attack, which took place on Wednesday, prompted the company to deny accusations of laxity and say its security was “head and shoulders” above that of its competitors.
