News that the TalkTalk website had been hit by a “significant and sustained cyber-attack” broke last week, reports The BBC.
The phone and broadband provider, which has more than four million customers in the UK, said bank details and personal information could have been accessed.
But credit and debit card numbers had not been stolen, it said.
“In the unlikely event that money is stolen from a customer’s bank account as a direct result of the cyber-attack [rather than as a result of any other information given out by a customer], then as a gesture of goodwill, on a case-by-case basis, we will waive termination fees,” the company said on its website.
At the weekend, TalkTalk’s chief executive said the attack was “smaller” than originally thought.
Dido Harding said any credit card details taken would have been partial and the information might not have been enough to withdraw money “on its own”.