Serviceteam IT Security News

Two friends have been jailed for their roles in hacking the telecommunications company TalkTalk.

Matthew Hanley, 23, and Connor Allsopp, 21, both from Tamworth in Staffordshire, admitted charges relating to the huge breach of customer details in 2015, which cost the company £77m.

At the Old Bailey on Monday, the judge, Anuja Dhir QC, jailed Hanley for 12 months and Allsopp for eight months. She said it was a tragedy to find “two individuals of such extraordinary talent” in the dock.

Dhir told the men: “You were both involved in a significant, sophisticated systematic hack attack in a computer system used by TalkTalk. The prosecution accept that neither of you exposed the vulnerability in their systems, others started it, but you at different times joined in.”

Last year, Hanley pleaded guilty to hacking into the website of the telecommunications giant between 18-22 October 2015. He admitted supplying data for hacking to another man and giving his friend Allsopp the personal and financial details of TalkTalk customers for use in fraud.

A fourth charge related to obtaining a number of computer files for committing an offence under the Computer Misuse Act. They included a file of names and passwords for server systems belonging to Nasa, which were handed over to Hanley by a Skype contact as a “little present”.

Allsopp admitted supplying a file of TalkTalk customers’ details to an online user for fraud, as well as files for hacking.

Peter Ratliff, prosecuting, said Hanley was a “determined and dedicated hacker” who was aware of the risks he was taking.

He said: “On or shortly before 24 October 2015, and after a significant and well-publicised attack on the website of the company TalkTalk, the defendant Hanley has admitted his involvement. But before his arrest he erased the content of his computer.”

Investigators pieced together evidence from his computer after it was wiped and from Skype chats.

TalkTalk first became aware of “latency issues” on its website early on 21 October 2015 and launched an investigation.

Later that day, the company’s then CEO, Dido Harding, was subjected to repeated blackmail attempts, with demands for Bitcoin in exchange for stolen data.

TalkTalk reported the cyber-attacks to police and the National Crime Agency. The following day, the company made public statements about the attack so customers could protect themselves.

Ratliff said BAE Systems analysis suggested there may have been up to 10 attackers. The total loss to TalkTalk was an estimated £77m, Ratliff said.

The court heard how Hanley sent details of more than 8,000 bank accounts to an online user, saying: “Mate its jail time.”

The prosecutor said Hanley had also sent Allsopp a dump of personal and financial files of TalkTalk customers. He said: “The crown cannot say precisely what was within the file that Hanley provided to Allsopp.

“However, on the basis of Hanley’s previous discussions with others, it would appear to have been the bank and other details of in excess of 8,000 TalkTalk customers. Because it was that material he repeatedly boasted of having.”

In a Skype message, Hanley told his friend: “Be careful with that dump, don’t sell unless 1,000+ and you didn’t get it from me.”

Source: The Guardian

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!