TalkTalk hires BAE cyber specialists, says attack smaller than feared

The telecoms provider has hired BAE's Applied Intelligence arm to work with the Metropolitan Police to review the system logs at its headquarters.

The unit was also working to secure the system so that it could reconnect customers to the internet, the Sunday Telegraph reported.

As many as four million customers are believed to have had their personal and financial details stolen.

Sources have said that so far it is not thought that the attack was the result of an insider, nor the work of Islamist terrorists. Sources also told the publication that it was not believed to be linked to the smaller attack on TalkTalk's former parent company Carphone Warehouse in the summer.

IoD senior corporate governance adviser Oliver Parry told the BBC that the police need to make cyber-crime an "urgent priority and investigate theft of data just as it would theft of physical property".

Regular reviews of risks by company boards would "ensure they know where the potential threats are coming from and are prepared in case the worst happens", he added.

"The UK is a world leader in the digital economy, so we urge the government and companies to work together to make us the world leader in countering the scourge of cyber crime," he said.

In an update issued on Saturday afternoon, the company confirmed that the attack was on its website, not its core systems.

It also said account passwords have not been accessed and that it now expects "the amount of financial information that may have been accessed to be materially lower than initially believed and would on its own not enable a criminal to take money from [an] account".

TalkTalk has apologised, saying it is "extremely sorry for any concern and inconvenience this incident may have caused".