TalkTalk has received a ransom demand from an individual or group that claims to be responsible for launching a “significant and sustained cyberattack” that has compromised the personal details of its customers.
Dido Harding, chief executive of the telecommunications company, told the BBC that an email was sent directly to her asking for money.
She said that she was unable to confirm whether the request is genuine, only that she has been contacted.
"It is hard for me to give you very much detail, but yes, we have been contacted by an individual or a group purporting to be the hacker."
"It is hard for me to give you very much detail, but yes, we have been contacted by, I don't know whether it is an individual or a group, purporting to be the hacker,” commented Ms. Harding.
"All I can say is that I had personally received a contact from someone purporting - as I say I don't know whether they are or are not - to be the hacker looking for money."
The Metropolitan Police Cyber Crime Unit is currently leading an investigation into the incident and has so far made no arrests.
Speaking earlier, Jayne Snelgrove, detective superintendent of the Cyber Crime Unit, said: “We are aware of speculation regarding alleged perpetrators; this investigation remains at an early stage; a full assessment of the alleged data theft is ongoing.”
The Met, she went on to say, has one of the biggest cybercrime and fraud teams in Europe.
This case is particularly sensitive as it is possible that all of TalkTalk’s four million customers have been affected.
More troubling, the company revealed that not all of the data housed on its system had been encrypted.
Despite having already been attacked on two occasions this year, the company said that it believed its networks “were as secure as they could be”.
"I'm very sorry for all the frustration, worry and concern this will inevitably be causing all of our customers," Ms Harding said in her interview with the BBC.
"We have been working through the night to make sure that we contact all of our customers and can reassure them about how they can keep their data safe."