Phone and broadband provider TalkTalk suffered a "significant and sustained cyber-attack" on Wednesday, according to the company. Police were called in to investigate the breach, with the personal information of more than four million customers potentially put at risk, including credit card and bank details.
The company stressed it was too early to know exactly what data had been stolen. A spokeswoman for the Metropolitan Police said: "There have been no arrests and enquiries are ongoing."
TalkTalk released a statement on Thursday stating that a criminal investigation had been launched and warning that customers' dates of birth, email addresses and bank details had been accessed. "We brought down all our websites [Wednesday] lunchtime and have spent the last 24 hours investigating with the Met Police,” Dido Harding, chief executive of the TalkTalk group, told BBC News.
"It's too early to know exactly what data has been attacked and what has been stolen... Potentially it could affect all of our customers, which is why we are contacting them all by email and we will also write to them as well," he added.
A TalkTalk spokesman said: "A criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyber attack on our website yesterday. That investigation is ongoing, but unfortunately there is a chance that some of the following data has been compromised: names, addresses, date of birth, phone numbers, email addresses, TalkTalk account information, credit card details and/or bank details. We are continuing to work with leading cyber crime specialists and the Metropolitan Police to establish exactly what happened and the extent of any information accessed."
Wednesday's breach is the third to blight TalkTalk customers this year following attacks in February and August.