Two friends who took part in a huge cyber-attack resulting in a data breach that cost TalkTalk £77m in 2015 were jailed on Monday, according to a Guardian report.
Mathew Hanley, 23, and Connor Allsop, 21, both from Tamworth in Staffordshire, admitted charges relating to the data breach and were sentenced at the Old Bailey for a combined period of 20 months.
Hanley was sentenced to prison for 12 months and Allsopp, for 8 months.
On Monday, Judge Anuja Dhir QC at the Old Bailey noted that the breach saw personal data being stolen, including bank details and sensitive data from 156,959 customer accounts in a hacking scheme that lasted for a duration of seven days.
‘Misery and distress’ for TalkTalk customers
The judge said that their action has caused a lot of “misery and distress to the many thousands of the customers at TalkTalk”.
Despite the high number of customers affected by the TalkTalk hack, the judge said that it was a tragedy to find “two individuals of such extraordinary talent” in the dock.
Dhir told the men: “You were both involved in a significant, sophisticated systematic hack attack in a computer system used by TalkTalk. The prosecution accepts that neither of you exposed the vulnerability in their systems, others started it, but you at different times joined in.”
Last year, Hanley confessed that he was responsible for hacking the website. He also admitted that he was guilty of supplying files, containing TalkTalk customer’s details so that Allsop could commit fraud.
Hanley was also found guilty for obtaining files that contained names and passwords for NASA servers, handed over to him by a Skype contact that goes by the name of “little present.”
Hanley was arrested in October 2015, and although the police were able to confiscate his computer, they contained little to no information because the hacker had used an encryption to remove all the files from his computer, according to Metropolitan Police report.
Allsop, on the other hand, was arrested by police in April last year and admitted that he had tried to sell customers data and vulnerable information about how to bypass TalkTalk security wall, as stated in the Metropolitan Police report.
During the hearing, Peter Ratliff, prosecuting, said that Hanley was a “determined and dedicated hacker” who was well-aware of the potential risks involved in what he was doing.
‘Its jail time’
The court heard evidence about the scale of the attack, after an analysis of the BAE system suggested that up to 10 individuals may have contributed to the data breach.
The court heard how Hanley also sent Allsop details of more than 8,000 banks accounts to an online user. In his message, he wrote candidly to his friend, by saying: “Mate its jail time.”
He also gave his friend further instructions about how to sell customers data.
The message read: “Be careful with that dump, don’t sell unless 1,000+ and you didn’t get it from me.”
A 17-year old admitted hacking offences linked to the TalkTalk hack in 2016, claiming he was “just showing off.”
Norwich Youth Court said he had used hacking tool software to detect weaknesses on the telecoms website.