A 15-year-old boy in County Antrim, Northern Ireland, was arrested Monday in connection with Wednesday’s hack of British telecoms company TalkTalk, which may have exposed the personal data, including bank details, of over 4 million customers.
The Police Service of Northern Ireland (PSNI), the Metropolitan Police Cyber Crime Unit (MPCCU) and the National Crime Agency said they were investigating the attack and collaborated on the boy’s arrest. They opened a full-fledged investigation into the hack on Thursday, according to the BBC.
“[The boy] has been taken into custody at a County Antrim police station where he will later be interviewed,” London police said in a statement, adding that the boy had been arrested “on suspicion of Computer Misuse Act offences.” They also said that they’ve issued a search warrant for the address where he was discovered.
TalkTalk representatives initially said that they were unsure how much customer data was encrypted and therefore protected, and that they’d received a ransom demand from a hacker. TalkTalk CEO Dido Harding has since said that many of the credit-card details potentially accessed by hackers would’ve been partial and therefore unusable, according to the BBC.
TalkTalk has hired BAE Systems to continue investigating the hack, according to Reuters. The company will likely face tough questioning about its hack-prevention techniques from British lawmakers, according to the Guardian.
TalkTalk said in a statement that it is “making security enhancements.”