Home
 » ISP News » 
Sponsored Links

Two More TalkTalk ISP Hackers Convicted of 2015 Cyber-Attack Involvement

Thursday, Apr 27th, 2017 (8:23 am) - Score 960

The Central Criminal Court of England and Wales has convicted two further men (Matthew Hanley and Conner Douglas Allsopp) of involvement with the hacking of TalkTalk’s website during October 2015, which exposed masses of customer details and cost the provider £42m.

The attack itself was the result of a combined Distributed Denial of Service (DDoS) assault and an SQL Injection exploit against the broadband provider’s website (here), which enabled the attackers to access the personal data of 156,959 customers (in 15,656 of those cases the attackers also had access to sensitive bank account details and sort codes).

In the end TalkTalk suffered significant reputation damage and an investigation by the Information Commissioner’s Office (ICO), which uncovered a string of similar hacking attempts on their servers, ultimately fined the provider £400,000 (here) over their “failure to implement the most basic cyber security measures.

Since then there have been plenty of arrests and two people have already faced justice (19 year-old Daniel Kelley from South Wales and an unnamed a 17-year-old boy). Yesterday they were joined by Connor Allsopp (aged 20) and Matthew Hanley (aged 22). Both men were identified by officers from the Met’s Cyber Crime Unit, which occurred as part of their Fraud and Linked Crime Online Unit (Falcon).

Matthew Hanley of Devonshire Drive (Tamworth) pleaded guilty to three offences under the Computer Misuse Act, including the hacking of TalkTalk’s website, obtaining files that would enable the hacking of websites and supplying files to enable the hacking of websites to others. He also pleaded guilty to supplying an article for use in fraud – namely a spreadsheet containing TalkTalk customer details.

Meanwhile Conner Douglas Allsopp of Ludgate (Tamworth) pleaded guilty, at the end of March 2017, to supplying an article for use in fraud and supplying an article intended for in the commission of an offence under the Computer Misuse Act (i.e. a computer file to enable hacking).

Andy Gould, Detective Chief Inspector (Met’s Falcon Cyber Crime Unit), said:

“Hanley hacked into TalkTalk’s website in order to steal their customers’ data and looked to sell it on to other criminals and fraudsters who would then go on to use that data for other criminal purposes.

Hanley thought that he was being smart and covering his tracks by wiping his hard drives and encrypting his data. But what our investigation shows is that no matter how hard criminals try to conceal their activity, they will leave some kind of trail behind.

This investigation has been painstaking and the work our detectives have done to trace and identify those involved has combined cutting-edge digital forensic techniques, with old-fashioned detective work that has led to the conviction of several of those involved and the investigation continues.”

Apparently detectives identified Hanley as a suspect in the early stages of their investigation and he was arrested on 30th October 2015, only a few short days after the attack itself took place. The police seized his computers but found they had been wiped or encrypted, although Hanley’s social media accounts revealed that he had been discussing his involvement and actions in the hack.

The chat logs also revealed that, after having stolen the data from TalkTalk, Hanley then got Allsopp to try and sell the personal data of customers so that the pair could profit from it. We should point out that Allsopp was unsuccessful in his attempts to sell the data and information on the ISP’s website vulnerabilities.

The pair are due to be sentenced on 31st May at the Old Bailey.

Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5473)
  2. BT (3505)
  3. Politics (2525)
  4. Openreach (2291)
  5. Business (2251)
  6. Building Digital UK (2234)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1780)
  10. 4G (1654)
  11. Virgin Media (1608)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)

Helpful ISP Guides and Tips

Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon