Cybercriminal Daniel Kelley, who successfully attempted a cyber-attack on UK based company ‘TalkTalk’ in 2015, has finally been detained. This single attack cost the company £77 million (€86.3 million) after the personal details of 157,000 customers were stolen. The young 22 years old hacker admitted that he targeted six organisations. He also accepted that he threatened them to sell their hacked data on the dark web. He demanded extortion money of hundreds of thousands of pounds in Bitcoin. In the case of refusals, he made good on his threats. Daniel Kelley finally incarcerated for four years in a youth detention center.
The Attack on TalkTalk
Daniel Kelley belonged to hackers that used a hacking method known as ‘SQL injection’ to penetrate the TalkTalk information systems. The chief executive, Dido Harding agreed on giving extortion money. The money was £80,000 (€89,715) in Bitcoin in exchange for stolen customer data and the sake of the company’s reputation. Detailed investigations revealed that he ceased 156,959 customer accounts, out of which 15,656 had their bank account and sort code numbers accessed. Right after hacking Kelley advertised this data for sale at $1,450,000 (€1,281,372) on a dark web site called dbs4sale.
The TalkTalk Company put up with a huge loss of £42 million, £35 million in other costs, along with the loss of 95,000 customers. Back to back success on the demand of extortion, many made him ask even more, and he kept on threatening by texting, “I could annihilate your company in days.”
An employee received an email from the hacker On 13 May 2015. The email contained a picture of his 18-month-old son with a message reading: “How fun would it be finding your son’s background ruined online before he has even hit 10?” His intention behind the email was to modify the child’s picture for sexual purposes, which came alongside a series of menacing phone calls.
The Crown Prosecution Service
Kelley communicated mostly through an anonymous browsing network known as ‘the Onion Router’. Moreover, he even disguised his IP address, which made it more difficult to detect his criminal activities. Consequently, the Crown Prosecution Service eventually caught him. It investigated the shreds of evidence hidden in his digital devices like chat logs and Bitcoin accounts. Other testimonies were his computer having thousands of credit card numbers and details of the holders. Daniel’s software and various other tools, used for hacking were also collected from his computer. It also included SQLi devices which allow for rapid scanning of the entire internet.
Tyner shared his views and said, “Hidden behind a cloak of anonymity, Kelley thought he could act with impunity by targeting companies worldwide he thought they were vulnerable to cyber-attack. Indeed he saw himself as a coach and mentor to his fellow hackers. Working with colleagues in Canada and Australia, the CPS was able to piece together the many complex strands of evidence. And it resulted in Kelley pleading guilty to 11 offenses.”
Daniel Kelley stands guilty at the Old Bailey in December 2016 to 11 offenses and sentenced to four years in a youth detention center.