I'm guessing they used the... "I've forgotten my password, send me a new one to my email address " ...hole in the system
Which leads to the question - if the person was a former user, how come the TalkTalk address was still set as the password reset address rather the current email address? Yes, TalkTalk are as much use as a fishnet condom and will hopefully go bust, but it seems there's a touch of user error here as well.