Tweet
Police are investigating a "significant and sustained cyber-attack" on the TalkTalk website, the UK company says.
The phone and broadband provider, which has over four million UK customers, said banking details and personal information could have been accessed.
TalkTalk said potentially all customers could be affected but it was too early to know what data had been stolen.
The Metropolitan Police said no-one had been arrested over Wednesday's attack but enquiries were ongoing.
TalkTalk said in a statement that a criminal investigation had been launched on Thursday.
It said there was a chance that some of the following customer data had been accessed:
- Names and addresses
- Dates of birth
- Email addresses
- Telephone numbers
- TalkTalk account information
- Credit card and bank details
Dido Harding, chief executive of the TalkTalk group, told BBC News its website was now secure again and TV, broadband, mobile and phone services had not been affected by the attack.
'Crime of our generation'
The TalkTalk sales website and the "My account" services are still down but the company hopes to restore them on Friday.
Ms Harding added: "We brought down all our websites [on Wednesday] lunchtime and have spent the last 24 hours investigating with the Met Police.
"It's too early to know exactly what data has been attacked and what has been stolen.
"Potentially it could affect all of our customers, which is why we are contacting them all by email and we will also write to them as well."
t is the third cyber attack to affect TalkTalk customers over the past 12 months.
In August, the company revealed its mobile sales site had been targeted and personal data breached.
And in February, TalkTalk customers were warned about scammers who had managed to steal thousands of account numbers and names.
The biggest risk is that customers' details have been stolen and criminals try to impersonate themDido Harding, TalkTalk group chief executive
Ms Harding said: "Unfortunately cybercrime is the crime of our generation. Can our defences be stronger? Absolutely. Can every company's defences be stronger?
"I'm a customer myself of Talk Talk, I've been a victim of this attack."
Banks alerted
It is expected to take some time to contact everyone and a number of customers have taken to social media to express their frustration that they are yet to hear anything.
One customer told BBC Radio 5 live: "It's just the latest in a long line of failures... To hear about it up to 48 hours after something may have happened really isn't good enough."
Another said: "I still haven't heard anything from the company.
"I only heard about it because I happened to turn the TV on. It is very worrying."
TalkTalk urged customers to keep an eye on their accounts over the next few months and report any unusual activity to their bank and Action Fraud on 0300 123 2040.
The company said it had contacted the major banks asking them to monitor for any suspicious activity on customers' accounts and that every customer would also be getting a year's free credit monitoring.
Ms Harding said: "The biggest risk is that customers' details have been stolen and criminals try to impersonate them."
'Rapid growth'
Professor Peter Sommer, an expert an cyber security, said TalkTalk's rapid growth could be to blame for the breaches.
"They are acquiring more customers and each of those customers wants to do more things and so they have to increase their capacity... but that's an expensive exercise," he told the BBC.
"The quality and quantity of attacks increases all the time so it's a significant problem for many companies.
"But undoubtedly TalkTalk has had significant problems for some time and they simply had to go public now because personal data is available and the Information Commissioner is going to be hard down on them to see why they haven't performed better."
http://www.bbc.co.uk/news/uk-34611857
Comment