The data robbery costed 77 millions of pounds to the telecommunications company.
Experts in cybersecurity and digital forensic of the International Cybernetic Security Institute inform that two hackers have been sent to the jail due their participation in the attack against TalkTalk, one of the biggest companies of telecommunications in the UK, occured in 2015, an incident in which was stolen personal data. Bank data and details of credit cards from more than 156 thousand clients.
Matthew Hanley, 23 years old and Connor Allsopp, 21 years old, both from Tamworth, Staffordshire, were sentenced last monday to 12 months and 8 months of prison, respectively, after they confirmed charges related with massive security violation that costed TalkTalk 77 millions of pounds loss.
According to the digital forensic experts, the total cost also included a fine of 400.000 pounds imposed by the Information Commisioner Office (ICO) against TalkTalk cause there were errors in the implementation of basic security steps to avoid incidents like this one.
During the trial, the judge Anuja Dhir described Hanley as a “dedicated hacker” and sentenced him with 12 months in jail; meanwhile Allsopp was sentenced with 8 months in jail because his low participation in the attack. The judge mentioned that it was a tragedy to find guilty “2 persons with an extraordinary talent”.
“Given the magnitude of the attack and the amout of people whose confidential information was compromised, I’m sure that their actions harmed thousands of TalkTalk clients», said the judge.
Hanley invaded the web place of teh company between the 16 and the 21 october 2015 and stole personal and bank data of 156.959 clients. After that, he passed the stolen data to his colleague Allsopp, who sold the data to other online use to his malicious use.
The stolen information included complete names of clients, adresses, birth dates, phone numbers, emails and information fo their TalkTalk accounts, and in the case of 16000 persons, the attackers also accessed to their financial information.
Another hacker, Daniel Kelley, 21 years old, was arrested, judged and declared guilty in 2016 because he obtained stolen data from the TalkTalk clients and then blackmail the CEO of teh company, Dido Harding, demanding 465 bitcoin.
“His actions, besides the actions of others, resulted in the TalkTalk’s CEO being blackmailed” said the judge Dhir to Hanley and Allsopp.
In the later weeks to the attack on TalkTalk, many teenagers, among them a 15 years old boy from North Ireland, a 16 years old boy from West London and other 16 years old boy from London, were arrested as suspects of participation in a hacking campaign and blackmail of the telecommunications company, according to the digital forensic experts.