A 15-year-old boy arrested in connection with the TalkTalk cyber attack has been freed on bail as the police investigation continues.
The teenager, who was detained in Northern Ireland on Monday and questioned on suspicion of offences under the Computer Misuse Act, has been released pending further inquiries, police said.
Meanwhile, TalkTalk, which has four million UK customers, has pledged to waive exit fees in some cases where people want to leave their contract - but only if money is stolen from them.
In order to leave without being hit by a termination fee, customers will need to show that money was stolen from their bank account as a direct result of the cyber attack and not because they have handed over their personal details themselves.
The phone and broadband provider has said that in the "unlikely" event that cash is taken from someone's account as a direct result of the cyber attack, then it will waive termination fees as a "gesture of goodwill".
Customers will need to write to TalkTalk with proof of the fraudulent bank transaction and termination fees will be waived on a "case by case" basis, TalkTalk said.
Which? executive director Richard Lloyd said TalkTalk's pledge is the "bare minimum" and urged it to consider all the ways in which customers could lose out from having their data compromised.
He said: "TalkTalk must treat their customers fairly by letting those affected leave their contracts without penalty and consider offering appropriate compensation."
Financial Fraud Action UK has been warning consumers that fraudsters often use events such as the cyber attack to trick people into handing over personal details about themselves, which can then be used to empty victims' bank accounts.
They will bombard people with phone calls, texts and emails claiming to be from their bank, the police or telecoms companies following incidents such as this, in order to make their approaches appear more credible.
It said people should be extremely wary of any call, text or email they receive out of the blue, even if it claims that there has been fraud on their account.
TalkTalk said customers should monitor their accounts over the coming months and report anything unusual to Action Fraud.
It has said that bank account numbers and sort codes, like those printed on a cheque, may have been accessed.
But it continued: "Without more information, criminals can't use these to take money from your bank account. Even then, the chances are very small indeed."
TalkTalk's share price jumped more than 9% in early trading today, following a sharp fall of more than 12% yesterday.
The company is working with cyber crime experts, the security services and the police to complete a "thorough investigation".
A Police Service of Northern Ireland spokesman said: "A 15-year-old youth, arrested in County Antrim yesterday as part of the investigation into the alleged theft of data from the firm TalkTalk, has been released on bail pending further inquiries.
"The investigation being conducted by the Metropolitan Police cyber crime unit, Police Service of Northern Ireland (PSNI) and National Crime Agency is continuing."
The teenager was interviewed at Antrim police station after he was arrested and a house searched on Monday afternoon.
The investigation is being carried out by the Met's cyber crime unit, the PSNI's cyber crime centre and the National Crime Agency.
TalkTalk chief executive Dido Harding said she was still unsure how many of the telecoms giant's four million UK customers had been affected by the attack, which affected its website rather than its "core systems".
Jesse Norman, chairman of the Commons Culture, Media and Sport Select Committee, is leading an inquiry into the alleged data breach.
Officers are investigating a ransom demand sent to the phone and broadband provider by someone claiming to be responsible and seeking payment. The firm said it was not sure if the message was genuine.
The latest breach is the third in a spate of cyber attacks affecting TalkTalk in the last eight months, with incidents in August and February resulting in customers' data being stolen.
A Met Police statement said the suspect had been bailed until a date in November.