Two Tamworth hackers jailed for part in £77m cyber attack

Tuesday, 20th November 2018

TWO Tamworth men involved in the hacking of TalkTalk in October 2015 have been jailed at the Old Bailey this week, after admitting their part in the data breach and acquiring thousands of customers’ personal account data.

The pair were identified in a protracted investigation into the hack by officers from the Met’s Cyber Crime Unit – part of the Fraud and Linked Crime Online Unit (Falcon).

Matthew Hanley, 23, and Connor Allsopp, 21, both from Tamworth, admitted their roles in the massive 2015, £77m hack on the TalkTalk website and data breach which saw 156,959 accounts accessed.

Hanley, of Devonshire Drive, pleaded guilty on 26 April 2017 to offences under the Computer Misuse Act, 1990 including hacking the TalkTalk database, obtaining files to enable the hack of websites and supplying these files to others.

He also admitted supplying an article for use in fraud this being a spreadsheet of TalkTalk customer details. He was sentenced to 12 months’ imprisonment.

Allsopp, of Ludgate, an associate of Hanley, pleaded guilty on 30 March 2017 to supplying an article for use in fraud and supplying an article (a computer file to enable hacking) intended for the commission of an offence under the Computer Misuse Act, 1990. He was sentenced to eight months’ imprisonment.

At the Old Bailey on Monday, Judge Anuja Dhir QC said it was a tragedy to find ‘two individuals if such extraordinary talent’ in the dock.

She told the pair: “You were both involved in a significant, sophisticated systematic hack attack in a computer system used by TalkTalk.

“The prosecution accept that neither of you exposed the vulnerability in their systems, others started it, but you at different times joined in.”

Detectives identified and arrested Hanley on 30 October 2015 and seized computers and devices from his home but established they had been wiped and encrypted.

An intensive investigation into Hanley’s communications uncovered evidence concerning his involvement in the hack and actions he took to destroy and conceal evidence. Having successfully gained access and acquiring the data, he instructed Allsopp to sell the data on his behalf for financial gain.

Allsopp was identified and arrested in April 2016. He admitted attempting to sell the customer data Hanley had stolen and sell details of TalkTalk vulnerabilities that would have enabled others to hack into the TalkTalk database.

Investigating officer, Detective Constable Rob Burrows from the Met’s Falcon Cyber Crime Unit, said: “Hanley hacked into TalkTalk’s database with the sole intention to steal customer personal data and sell it to criminals and fraudsters for his and Allsopp’s financial gain. Allsopp was a willing participant in the crime. If successful this could have put thousands of people at risk of fraud.

“Hanley thought he was clever covering his tracks, concealing and destroying evidence on his computers, however, the extensive investigation, specialist skills and technical expertise utilised by our team led to the identification of these two virtual offenders bringing them into the ‘real world’. This secured overwhelming digital evidence leading to the guilty pleas and sentencing today.

“Our investigation proves regardless of the efforts and techniques deployed by cybercriminals to conceal their identities and activities, they will leave a trace and will be identified, pursued and prosecuted.

“I would like to thank the National Crime Agency for providing support and TalkTalk for their assistance and co-operation towards securing these convictions.”