LONDON (AP) — British telecoms company TalkTalk says a cyberattack feared to have put 4 million customers’ details at risk is not as bad as initially thought.

Chief executive Dido Harding said Saturday that attackers hacked the company’s website but not its core systems, and “none of our customers’ credit card information has been exposed.”

She said some bank account details had been accessed, but not enough for thieves to steal money from customers’ accounts.

TalkTalk has acknowledged that it realized it was under attack on Wednesday and has been criticized for not telling customers for more than a day.

On Friday the firm said it had received a ransom note from the alleged hackers.

It is the third known cyberattack this year on TalkTalk, which provides mobile phone, Internet and pay-TV services.