Police have arrested a 15-year-old boy in Northern Ireland over an attack that may have led to the theft of data from 4 million customers of British telco TalkTalk.
The incident is believed to be one of the largest security breaches in Britain, and has led to calls for greater regulation of how UK companies and public bodies manage their user’s data.
A ransom demand was received by TalkTalk late last week. Since then, the firm has said the attack was not as serious as first feared and it did not believe those behind it would be able to steal money from its customers.
TalkTalk has also denied accusations of lax security, claiming its security policies were "head and shoulders" above its competitors.
London's Metropolitan Police today said a 15-year-old boy suspect had been arrested in connection to the incident, and officers had searched an address in Northern Ireland.
"He has been taken into custody at a County Antrim police station where he will later be interviewed," police said in a statement.
"We are grateful for the swift response and hard work of the police. We will continue to assist in the ongoing investigation," a TalkTalk spokesperson said.
The telco has hired defence company BAE Systems to investigate the attack.
Shares in the company fell a further 12 percent today, with around £360 million (A$764 million) wiped off the company's market value since the news first broke.
As a result of the incident, TalkTalk is likely to face tough questioning from British lawmakers about the adequacy of its cybersecurity posture.
Parliament's Culture, Media and Sport Committee has said it will conduct an inquiry on data protection, which will likely see TalkTalk executives summoned to appear.