Actions of duo of hackers cost telco £77m.
Two friends in the UK have been jailed for their roles in hacking telecoms company TalkTalk after pleading guilty to the massive 2015 data breach, which affected 1.6m accounts.
At the Old Bailey yesterday (19 November), Matthew Hanley (23) and Connor Allsopp (21) from Tamworth in Staffordshire were handed their sentences. Hanley, described as a “dedicated hacker”, was jailed for 12 months while Allsopp was given eight months.
A waste of ‘extraordinary talent’
“I’m sure that your actions caused misery and distress to the many thousands of customers at TalkTalk,” said judge Anuja Dhir.
The judge said it was a tragedy to find “two individuals of such extraordinary talent” in the dock.
Hanley last year pleaded guilty to hacking into TalkTalk’s website between 18 and 22 October 2015 and passing on personal and financial details of 8,000 customers with Allsopp.
Sentencing Hanley and Allsopp, the judge said: “You were both involved in a significant, sophisticated systematic hack attack in a computer system used by TalkTalk. The prosecution accepts that neither of you exposed the vulnerability in their systems, others started it, but you at different times joined in.”
TalkTalk spotted latency issues on its site on 21 October 2015, launched an investigation and warned customers. According to analysis by BAE Systems, there may have been up to 10 attackers involved in the attack.
Then CEO Dido Harding was subjected to blackmail attempts, with hackers demanding bitcoin in return for the stolen data.
Allsopp admitted supplying customer details for another user engaged in fraud as well as necessary files for hacking. The circle of hackers had also obtained passwords for US space agency NASA and shared them with each other via Skype. Before his arrest, Hanley deleted the data from his computer and from Skype chats.
The total loss as a result of the attack was £77m to TalkTalk, according to analysis by BAE Systems.