British police announced Tuesday they had arrested a fourth teenager in connection with a data breach suffered by the Internet Service Provider TalkTalk.

The investigation of the TalkTalk data breach is still going, in a few days other two suspects have been arrested by law enforcement under the country’s Computer Misuse Act. The company suffered other two cyber attacks in eight months that caused the theft of  customers’ data. A few days ago a third man was arrested in connection with the TalkTalk hack, he is a 20-year-old man from Staffordshire and he has been released on bail until March after he was arrested by law enforcement under the country’s Computer Misuse Act.

Investigators believe that he is a member of the group that hacked the telco firm TalkTalk stealing 1.2 million customer details (email addresses, names, and phone numbers, dates of birth) along with nearly 28,0000 partial credit and debit cards.

According to a statement from the Metropolitan Police, a fourth hacker was arrested, another teen that is from Norwich.

The TalkTalk ISP admitted some data are that were stolen by hackers are not encrypted, they classified the attack as “significant and sustained” but downgraded the risk of possible financial theft resulting from the hack.

TalkTalk confirmed that it is supporting the investigation conducted by the National Crime Agency and law enforcement. There are many aspects still no clear in the incident, let me remind you that the company was hit by a DDoS attack before the data breach and that an alleged LulzSec member claimed responsibility for the it denying any involvement in the data breach.

Someone also sent a ransom demand to TalkTalk, but no news has been provided on its origin and authenticity.

Stay Tuned!

Pierluigi Paganini