The National Crime Agency (NCA) in the UK has confirmed that a 17-year-old suspect was arrested in Walsall, West Midlands, on September 5, four days after the cyber attack affected Transport for London (TfL).
Paul Foster, the head of the NCA's National Cyber Crime Unit, said: "Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems."
Around 5,000 TfL customers' sort codes and bank account details could have been accessed by hackers. TfL noted that things like names, emails and home addresses were accessed as a result of the cyber attack.
Foster added: "We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible.
"The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing."
Elsewhere, Shashi Verma - TfL's chief technology officer - explained: "Although there has been very little impact on our customers so far, the situation continues to evolve and our investigations have identified that certain customer data has been accessed.
"This includes some customer names and contact details, including email addresses and home addresses where provided.
"Some Oyster card refund data may also have been accessed. This could include bank account numbers and sort codes for a limited number of customers.
"As a precautionary measure, we will be contacting these customers directly as soon as possible to advise them of the support we can provide and the steps they can take."