Two men in the United Kingdom have pleaded guilty to the theft of hundreds of thousands of sets of customer data in the 2015 TalkTalk data breach
In addition to facing charges for the theft of the data, they were also hit with charges relating to attempts to sell the records afterwards.
The men are Matthew Hanley and Connor Douglass Allsopp, aged 22 and 20 respectively, and they are responsible for the theft of 150,000 records.
Hanley pleaded guilty to two charges of violation of the Computer Misuse Act, and a single charge of supplying an article for use in fraud.
Allsopp pleaded guilty to supplying an article intended for use in the commission of an offence, and a charge of supplying an article for use in fraud.
The charging of these threat actors fights against the image of the unstoppable, omnipotent cyber adversary that we have come to fear, as these two men have been unmasked for all to see.
It also sends a strong warning to other hackers, and to those who might be inclined to act with malicious intent in a cyber capacity. It warns them that they can be caught, prosecuted in a court of law, and end up spending time behind bars in the real world.
In a news announcement regarding the result of the TalkTalk data breach from the Metropolitan Police, Detective Chief Inspector Andy Gould of the Met Police Falcon cybercrime unit said: “what our investigation shows is that no matter how hard criminals try to conceal their activity, they will leave some kind of trail behind.”
Also detailed in the Metropolitan Police news article was how social media use had provided evidence of one man’s participation.
It said: “Hanley had been discussing his involvement and actions in hacking into TalkTalk’s website and also discussing how he had deleted incriminating data from his computers and encrypted his devices in order to cover his tracks.”
Despite this victory, data breaches are constantly happening, and the threat is gaining momentum. A recent example of a significant breach was the one that hit The Association of British Travel Agents (ABTA), which left up to 43,000 people at risk of theft or further cyber crime.
The reality of data breaches is growing in part because of the massive influx of IoT devices that lack the necessary security features, meaning that unassuming household objects could result in the hacking of individuals, but also major organisations.