Just under 160,000 of TalkTalk’s 4.2 million customers were affected by the attack on its website last month, the company has stated.
On 22 October, hackers breached the website and stole a previously unknown number of customers’ personal details – including financial information – which forced TalkTalk to shut down its website and suspend all marketing as it tried to reassure its entre user base.
It has however revealed that the data of 156,959 customers was stolen, below the original estimate, while 15,656 bank account details and sort codes had been accessed. Around four per cent of its customers had sensitive personal data at risk, it added.
Chief executive Dido Harding has maintained throughout the crisis that any banking details leaked would have been “partial” and not enough to withdraw money. The company reiterated that data, which The Times suggests was sold on in pieces to scammers for little more than a pound, “cannot on its own lead to financial loss”.
The company is continuing to contact at risk customers and is advising everyone to be cautious of phone and email scams.
However it has come under fire for refusing to waive early termination fees for customers.
Four have been arrested in connection with the hack, including a 15-year old boy in County Antrim, Northern Ireland.