Two suspected hackers have been sent to jail for conspiring and taking a role in compromising Talk Talk Telecommunication Company back in 2015. The two cybercriminals were identified as Mathew Hanley, 23, and Connor Allsopp, 21, who are both from Staffordshire.
According to the court records, the two young hackers stole personal identifiable information (PII), banking details, and credit card Fullz which were said to belong to 156,000 oblivious customers. After the hearing, they were sentenced for different lengths of time behind bars – Hanley to serve twelve months while Allsopp is to serve an eight month period.
The two cybercriminals admitted to the offenses they were charged with, which are said to have cost the company over $77 million in total losses. The massive data breach is also said to have cost a huge fine of $400,000 that was imposed by the Information Commissioner’s Office for not implementing expected cybersecurity measures to curb data breaches beforehand.
During the court hearing at Old Bailey, Judge Anuja Dhir was quick to point out that Hanley was a dedicated black hat hacker. He also was very disappointed to see such a gifted and talented person locked behind bars, for if his skills were well utilized, they could be of great help to society instead.
The main hacker, Hanley is said to have compromised the Talk Talk systems from October 16th to 21st of 2015. He is then said to have handed the stolen database to his counterpart, Allsopp, who later sold the data to dark web users for further fraud.
According to the court’s documentation, among the stolen information were customer’s full names, dates of birth, email addresses, also postal addresses, their telephone numbers, and the company’s account information. The two hackers were also charged with illegal access of financial information in almost all the reported 16,000 cases.
The company is also reported to have been compromised by a different hacker back in 2016. The hacker, identified as Daniel Kelley, 21, pleaded guilty in obtaining the Talk Talk customer’s sensitive data. He was reported to have blackmailed the then CEO of Talk Talk, Dido Harding, for 465 Bitcoins.
Judge Dhir told the two suspects that their illegal hacking had resulted in a lot of damage to the company’s management which was being subjected to a ransom request.
A number of teenagers have also been arrested previously in an attempt to compromise the Talk Talk systems. One was a 15-year-old boy from Northern Ireland who was reported to be involved in the massive data breach. Not long after the boy from Northern Ireland was arrested, two more teenagers were arrested. One of them was a 16-year-old boy from west London and the other boy was of the same age and from London.
The teenagers were arrested and charged with counts of blackmailing the telecommunication company for huge ransoms. The closure of the case was taken positively by the telecommunication company which feels vindicated for the great loss that hit them during that financial year.
Cybersecurity experts are advising most companies that rely on the internet for cloud storage and other functionality to invest significantly in security measures that will protect their system and customers from such massive data breaches.
Sophisticated and updated hacking tools are freely being sold on encrypted dark web forums at a price that most hackers can afford. This has contributed to the rising cyber-attacks that have been reported to compromise the most private E-commerce and government organizations. Different reports studied over the last two years have been showing worrying trends where dark web marketplaces offer companies’ databases at very low prices.
Financial data, like Fullz, are the most popular with dark web customers who buy them for low as $8 to as high as $500, depending on the status of the cards, which is partially determined by their account balance. In the long run, the cycle of affected victims grows long as the organizations lose their reputations and the customers lose their savings from the siphoned bank accounts.
Keeping up with the fast, dynamic dark web, organizations will have to be flexible and ready to learn the tactics applied by the cybercriminals in order to curb any attacks.