A TalkTalk hacker, who has had the threat of a prison sentence hanging over his head for nearly two-and-a-half years, has finally heard his fate after being banged up for four years for his part in one of the most infamous cyber crimes in history.
Despite having no previous convictions, Old Bailey Judge Paul Worsley had warned Daniel Kelley, from Llanelli, Carmarthenshire back in December 2016 that he should “prepare” himself for time behind bars.
At his trial, the court heard that Kelley played a major role in the October 2015 attack which the company claims cost it a total of £77m. He was just 18 years old.
Described as “utterly ruthless”, Kelley hacked into TalkTalk systems and blackmailed chief executive Dido Harding and five other executives for payments in bitcoin. However, he only received £4,400 worth of bitcoins through all his blackmail attempts, having made demands for more than £115,000.
He pleaded guilty to the hack attack and further charges of blackmail and money laundering in 2016.
However, Prosecutor Peter Ratliff told the Old Bailey that Kelley was only 16 when he first embarked on his online crime wave. It all began when he hacked into a Welsh college, Coleg Sir Gar, out of “spite or revenge”, after failing to achieve the right GCSE grades to get on to a computer course.
The attack not only caused widespread disruption to students and teachers, it also affected the Welsh Government Public Sector network, including schools, councils, hospitals and emergency services. Radiologists at Hywel Dda health board in west Wales lost access to diagnostic image services, with communication affected between hospital sites.
After he was arrested and bailed for that offence, the court heard that Kelley continued his cyber crime spree for a more “mercenary purpose”, targeting companies in Canada, Australia and the UK.
Prosecutor Ratliff described Kelley as a “prolific, skilled and cynical cyber-criminal” who was willing to “bully, intimidate, and then ruin his chosen victims from a perceived position of anonymity and safety – behind the screen of a computer”.
Kelley had also worked with a hacking collective named Team Hans, the court heard. If victims refused to cough up, he would offer their details for sale on the dark web. He was also found to be in possession of computer files containing thousands of credit card details.
Mitigating, Dean George QC appealed to the judge not impose a jail sentence on a young man who suffered with “severe depression”. Kelley, who has been diagnosed with Asperger’s syndrome, will serve his sentence at a young offenders institution.
Last November, two friends from the Midlands – Matthew Hanley, 23, and Connor Allsopp, 21 – were also jailed at the Old Bailey for their part in the hack. They received a total of 18 months,
In October 2016, the Information Commissioner’s Office whacked TalkTalk with a record £400,000 fine for lax website security which the regulator ruled had allowed the hackers to access sensitive customer data direct from its systems “with ease”; under GDPR, TalkTalk could have faced a £70m penalty.
Related stories
Duo jailed for 18 months for £77m TalkTalk hack attack
TalkTalk chief bows out ‘after seven fulfilling years’
17-year-old lad pleads guilty to TalkTalk ‘car crash’
TalkTalk could have faced £70m fine under GDPR
TalkTalk rocked by record £400k fine for data breach
Coppers told TalkTalk to keep schtum over breach
Three held at TalkTalk call centre for data theft
TalkTalk chief hits back: we’re just the punchball