Police are continuing to question a 20-year-old man arrested in connection with the cyber attack on telecoms firm TalkTalk.
The man, detained at an address in Staffordshire on Saturday, is the third person to be held in relation to the alleged data theft.
He is being held on suspicion of offences under the Computer Misuse Act and remains in custody at a local police station.
Two teenagers have previously been arrested in connection with the alleged data theft.
A 16-year-old boy, from Feltham in west London, was held on suspicion of computer misuse after a search of his home on Thursday.
The teenager has been bailed to a date yet to be confirmed.
A 15-year-old boy, from County Antrim in Northern Ireland, was arrested on Monday and was bailed until a date in November.
The investigation is being carried out by the Metropolitan Police's cyber crime unit, the Police Service of Northern Ireland's cyber crime centre and the National Crime Agency.
The latest breach is the third in a spate of cyber incidents affecting TalkTalk in the last year.
Police confirmed that officers have also carried out a search at a residential property in Liverpool in connection with the cyber attack.
TalkTalk said it had been subjected to a "significant and sustained" attack on its website on October 21, which prompted fears that millions of people may have had their bank details stolen.
The telecoms giant has since said the data hacked was "significantly less than originally suspected" with fewer than 21,000 unique bank account numbers and sort codes accessed.
Fewer than 1.2 million customer email addresses, names and phone numbers were breached, along with fewer than 28,000 obscured credit and debit card details, and fewer than 15,000 customer dates of birth, the company said.
Last December, one of TalkTalk's third party suppliers suffered an internal data breach which meant that some non-financial customer information was illegally accessed, while, in August, Carphone Warehouse, which hosts the mobile.talktalk.co.uk website alongside a number of others, was subject to a cyber attack, a TalkTalk spokeswoman said.
Meanwhile Vodafone said nearly 2,000 customers are "open to fraud" after hackers accessed their personal details.
The mobile phone giant said 1,827 accounts had been breached, potentially providing criminals with customers' names, mobile numbers, bank sort codes and the last four digits of their bank accounts.
An investigation was launched by the company before the National Crime Agency, Ofcom and the Information Commissioner's Office were informed on Friday evening.
Vodafone said its security protocols were "fundamentally effective" and no credit or debit card details were accessed.