TalkTalk hack: Teenage boy behind massive data breach given 12-month rehabilitation order
'Significant and sustained' hack in October 2015 led to £42m losses for telecoms giant.
A 17-year-old boy who admitted involvement in a cyber-attack on UK telecoms giant TalkTalk has been sentenced to a 12-month youth rehabilitation order and had his iPhone and hard drive confiscated.
The youngster, who admitted seven hacking offences, used legitimate software to expose a vulnerability in the company's website and shared details online.
While he did not exploit the information for monetary gain, his exposure of flaws in TalkTalk's security led to its website being targeted 14,000 times.
The "significant and sustained" hack in October 2015 saw a massive data breach of almost 160,000 customers' personal data, including names, addresses, dates of birth, phone numbers and email addresses.
Bank account details of 15,656 people were also accessed.
Speaking at an earlier hearing at Norwich Youth Court, the teen said: "I didn't think of the consequences at the time. I was just showing off to my mates. It was a passion, not any more. I won't let it happen again. I have grown up."
A raid on his home following his arrest in November 2015 revealed he had also been involved in hacks on other websites, including those of Manchester and Cambridge universities.
Sentencing him on Tuesday (13 December), the chairman of the bench, Jean Bonnick, said: "Your IT skills will always be there – just use them legally in the future."
TalkTalk was fined a record £400,000 (€480,000, $510,000) over security failings following the data breach, with the Information Commissioner's Office saying it could have been prevented were basic security steps taken.
The telecoms giant said the hack cost the company £42m in total, with it resulting in a net loss of 29,000 subscribers in the first half of the year.
© Copyright IBTimes 2024. All rights reserved.