The number of people affected by the TalkTalk hack unveiled last Thursday is “significantly less” than originally suspected, the company said today.
Hoping to reassure worried customers, TalkTalk has released official figures based on an internal investigation showing how many people had their data accessed, revealing that some 20,000 bank account numbers and 28,000 partially obscured credit card details were accessed.
The investigation also showed that some 1.2 million customer email addresses, names and phone numbers were accessed – far lower than the 4 million initially feared to have been affected.
The company also stressed that the bank details cannot be used for financial transactions – but still advises all customers to be "vigilant" against telephone or email scams.
Dido Harding, TalkTalk’s chief executive, said that the company remained “committed” to earning back customers’ trust:
Today we can confirm that the scale of attack was much smaller than we originally suspected, but this does not take away from how seriously we take what has happened and our investigation is still ongoing.
Voices have been raised for Harding's resignation over the massive hack, but the embattled chief exec has shown no signs of bowing to this pressure.
Investors were immediately buoyed by the figures released today, and TalkTalk's shares, which have fallen nearly 20 per cent in the days since the hack became known, shot up 2.7 per cent in the minutes after the investigation was made public.
The Metropolitan Police’s cyber crime unit continues to investigate the case. One 15-year-old was arrested on Monday in Northern Ireland, and a 16-year-old was arrested this morning in Feltham.