TalkTalk hacker Daniel Kelley gets four years

TalkTalk

Daniel Kelley, the hacker behind the TalkTalk data breach, will serve a detention sentence of four years.

In 2016, Mr Kelley submitted 11 guilty pleas to 11 charges of cyber-criminality. One of the charges related to an attack through which the personal data of over 150,000 TalkTalk customers was accessed and stolen.

The 22 year old from Llanelli in Carmarthenshire, was sentenced on Monday of this week at the Old Bailey and will see out his sentenced time in a young offenders institution.

The TalkTalk data breach in 2015 saw email addresses and bank details stolen from the telecom company’s systems. Attacks from a number of hackers led to the firm eventually having to foot a bill of around £77 million.

Mr Kelley pleaded guilty to hacking six other organisations, including Welsh college, Coleg Sir Gâr where he had previously studied. The court heard how Mr Kelley got into hacking after he failed to get the requisite GCSEs to follow a computer course.

He hacked the college as an act of revenge, before turning his cyber-attacking intentions to firms in Australia, Canada and the UK. With over four million customers, TalkTalk was among the British firms to feel Mr Kelley’s ire.

The court heard how Mr Kelley has suffered badly with depression and had experienced severe weight loss since pleading guilty to 11 counts of hacking offences three years ago. He also suffers with Asperger’s syndrome.

Speaking at the Old Bailey, Judge Mark Dennis said that Mr Kelley attacked other computers “for his own personal gratification” irrespective of any adverse effects that his activity was having on others.

The “cruel and calculating” side to Mr Kelley’s character had been evidenced through his willingness to blackmail company chiefs. However, the Crown Prosecution Service subsequently dropped blackmail charges.

Speaking for the prosecution, Peter Ratliff said Kelley was a “prolific, skilled and cynical cyber-criminal” who would “bully, intimidate and then ruin his chosen victims from a perceived position of anonymity and safety – behind the screen of a computer.”

Mitigating, Dean George QC asked the judge not to choose a jail sentence for a young adult who suffered with “severe depression.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.