Two young men received prison sentences for helping to perpetrate a data breach at the UK telecommunications provider TalkTalk.
On 19 November, Judge Anuja Dhir QC at the Old Bailey sentenced Matthew Hanley, 23, to 12 months in prison. She handed down a slightly lighter sentence of eight months in jail to Connor Allsopp, 21.
Judge Dhir explained that the sentences reflect Hanley’s and Allsopp’s level of participation in a security incident that cost TalkTalk an estimated £77 million. As quoted by BBC News:
You were both involved in a significant, sophisticated systematic hack attack in a computer system used by TalkTalk. The prosecution accept that neither of you exposed the vulnerability in their systems, others started it, but you at different times joined in.
In October 2015, the telecommunications provider disclosed a digital attack that targeted its website. The incident affected hundreds of thousands of customers’ personal information as well as tens of thousands of people’s banking details and payment card data. It also spurred the Metropolitan Police and other local authorities to arrest no less than five suspects, many of whom were just teenagers at the time.
Hanley disclosed his involvement in 2017 when he pleaded guilty to cracking into TalkTalk’s website between 18 October 2015 and 22 October 2015, The Guardian reported. Hanley said at the time that he supplied data to one individual for hacking purposes. He also admitted that he gave TalkTalk customers’ information to Allsopp, who in turn supplied the data to an online user interested in committing fraud.
Hanley and Allsopp weren’t the only ones responsible for the data breach at the UK telecommunications provider. BAE Systems, a British multinational defence, security, and aerospace company which TalkTalk hired to investigate the incident, said it found evidence suggesting that 10 individual attackers were involved in the data security incident.
TalkTalk told BBC News that it did not intend to issue a comment following the sentencing.