Home>Security>Cyber Crime>Two jailed for TalkTalk data theft

Two jailed for TalkTalk data theft

20 November 2018

TWO MEN involved in the hacking of TalkTalk in October 2015 have been jailed at the Old Bailey after admitting their part in the data breach and acquiring thousands of customers' personal account data.

The pair were identified in a protracted investigation into the hack by officers from the Met's Cyber Crime Unit - part of the Fraud and Linked Crime Online Unit (Falcon).

Matthew Hanley, 23, of Devonshire Drive, Tamworth pleaded guilty on 26 April 2017 to offences under the Computer Misuse Act, 1990 including hacking the TalkTalk database, obtaining files to enable the hack of websites and supplying these files to others. He also admitted supplying an article for use in fraud this being a spreadsheet of TalkTalk customer details. He was sentenced to 12 months’ imprisonment.

Conner Douglas Allsopp, 21, of Ludgate, Tamworth, an associate of Hanley, pleaded guilty on 30 March 2017 to supplying an article for use in fraud and supplying an article (a computer file to enable hacking) intended for the commission of an offence under the Computer Misuse Act, 1990. He was sentenced to eight months’ imprisonment.

Detectives identified and arrested Hanley on 30 October 2015 and seized computers and devices from his home but established they had been wiped and encrypted.

An intensive investigation into Hanley’s communications uncovered evidence concerning his involvement in the hack and actions he took to destroy and conceal evidence. Having successfully gained access and acquiring the data, he instructed Allsopp to sell the data on his behalf for financial gain.

Allsopp was identified and arrested in April 2016. He admitted attempting to sell the customer data Hanley had stolen and sell details of TalkTalk vulnerabilities that would have enabled others to hack into the TalkTalk database.

Investigating officer, detective constable from the Met's Falcon Cyber Crime Unit Rob Burrows said, “Hanley hacked into TalkTalk's database with the sole intention to steal customer personal data and sell it to criminals and fraudsters for his and Allsopp’s financial gain. Allsopp was a willing participant in the crime. If successful this could have put thousands of people at risk of fraud.

“Hanley thought he was clever covering his tracks, concealing and destroying evidence on his computers, however the extensive investigation, specialist skills and technical expertise utilised by our team led to the identification of these two virtual offenders bringing them into the ‘real world’. This secured overwhelming digital evidence leading to the guilty pleas and sentencing today.

“Our investigation proves regardless of the efforts and techniques deployed by cyber criminals to conceal their identities and activities, they will leave a trace and will be identified, pursued and prosecuted. 

“I would like to thank the National Crime Agency for providing support and TalkTalk for their assistance and co-operation towards securing these convictions."