Two friends from the Midlands have been jailed for a total of 18 months at the Old Bailey for their part in the notorious 2015 hack attack on TalkTalk, which the company claims has cost it a total of £77m.
Matthew Hanley, 23, and Connor Allsopp, 21, both from Tamworth, admitted charges relating to the massive data breach of customers’ details at a previous hearing and were warned by the Old Bailey judge last week that a “custodial sentence was inevitable”.
Hanley, who was jailed for 12 months, admitted supplying data for hacking to another man and giving his friend Allsopp, jailed for 8 months, the personal and financial details of TalkTalk customers for use in fraud.
The fourth charge related to obtaining a number of computer files for committing an offence under the Computer Misuse Act. They included a file of names and passwords for server systems belonging to Nasa, handed over to Hanley by a Skype contact as a “little present”.
Peter Ratliff, prosecuting, told the Old Bailey last week that Hanley was a “determined and dedicated hacker” who was aware of the risks he was taking.
He said: “On or shortly before October 24 2015, and after a significant and well-publicised attack on the website of the company TalkTalk, the defendant Hanley has admitted his involvement. But before his arrest he erased the content of his computer.”
Ratliff said BAE Systems analysis suggested there may have been up to 10 attackers.
TalkTalk first became aware of “latency issues” on its website early on October 21 2015 and launched an investigation. Later that day, then-CEO Dido Harding was subjected to repeated attempt to blackmail her, with demands for Bitcoins in exchange for stolen data.
In the aftermath of the attack Harding had claimed the company’s data security was “head and shoulders above rivals” but, in 2016, the company was slapped with a £400,000 fine by the Information Commissioner’s Office for security failings that allowed hackers to access sensitive customer data direct from its systems “with ease”.
The ICO’s in-depth investigation found that the attack could have been prevented if TalkTalk had taken basic steps to protect customers’ information.
Related stories
Midlands duo face jail after fessing up to TalkTalk hack
TalkTalk chief bows out ‘after seven fulfilling years’
17-year-old lad pleads guilty to TalkTalk ‘car crash’
TalkTalk could have faced £70m fine under GDPR
TalkTalk rocked by record £400k fine for data breach
TalkTalk flayed over brutal treatment of pensioner
TalkTalk hits back at ‘worst customer service’ claim
TalkTalk claims bounceback despite slump in profits