Hacked telecom giant TalkTalk said it is not waiving contract termination fees for customers who have had their bank details stolen, unless money has been taken out of their account. In a video message to customers, CEO Dido Harding said that sensitive financial information was protected, but account numbers and sort codes could have been accessed.
"In the unlikely event that money is stolen from a customer's bank account, as a direct result of a cyberattack, rather than as a result of any information given out by the customer, then, as a gesture of goodwill, we will, on a case-by-case basis, waive termination fees," Harding said.
TalkTalk assured customers that many sensitive details were incomplete, arguing that numbers were often replaced by an 'x' and that credit and debit card numbers were not accessible. Over the weekend, Harding already said the firm is relieved the hack was smaller than expected.
Police in Northern Ireland arrested a 15-year-old boy in connection with the data hack on Monday (26 October). The Metropolitan Police said the teenager was detained on suspicion of Computer Misuse Act offences. He has been taken into custody in County Antrim where he is due to be interviewed.
In light of the recent attack, which was announced on Wednesday (21 October), business leaders and politicians have breathed new life into the conversation about cybercrime and possibly enhancing security. Considering it is the telecom provider's third hack in 18 months and the firm has, according to some, dealt slowly with the problem, Talktalk has also been criticised.
In the video, Harding said: "We would like to remind customers that banking or other personal details are increasingly being used by criminals as part of phone, email or text scams. Over the last year, we've promoted information about how you can protect yourself from these. Please stay on the lookout."
Talktalk confirmed that it has signed a deal with Noddle, an online credit monitoring service provider, and has given customers the opportunity to manually monitor and keep tabs on its credit activity in the light of the attack.
However, cybercrime remains a significant concern for many companies, especially those storing sensitive data from its customers. The Institute of Directors said it is one of "the biggest threats facing businesses and their customers".