The TalkTalk hack wasn't as bad as it could have been, the company has claimed.
On the day that a second teenager was arrested in connection with the hacking of customer details from the company, it has revealed that less than 21,000 "unique" bank account numbers and sort codes were accessed.
As well as the account numbers, thousands of obscured credit carddetails, dates of birth and more than a million customer email addresses and phone numbers were compromised in the cyberattack.
Initial reports had suggested that all of the company's four million customers may have had their personal information accessed.
The company described the incident as being "significantly smaller than initially suspected". TalkTalk CEO Dido Harding repeated apologies for the breach.
The full figures, according to TalkTalk are:
- 21,000 unique bank account numbers and sort codes
- 28,000 obscured credit and debit card details
- 15,000 customer dates of birth
- 1.2 million customer email addresses, names and phone numbers
Alarmingly the company also said that "not all" of the data accessed was encrypted, but did say that credit and debit card details were "tokenised," a higher standard than some forms of encryption.
Two teenagers, one 15-year-old and from Northern Ireland and a 16-year-old from London, have been separately arrested and questioned over the hack. A property in Liverpool has also been searched.
TalkTalk is advising customers to "remain vigilant" and report any suspicious bank account activity as soon as it may be noticed.
This article was originally published by WIRED UK
