back to article TalkTalk HackHack DuoDuo PleadPlead GuiltyGuiltyGuiltyGuilty

Two chaps in the UK have admitted stealing more than 150,000 customer records from TalkTalk. Matthew Hanley, 22, and Connor Douglass Allsopp, 20, both from Tamworth, England, copped to charges in connection to the 2015 attack on the broadband ISP's systems and subsequent attempts to sell people's personal data to fraudsters. …

  1. Pascal Monett Silver badge

    So he controls his local data but forgets to control his blabbing about it

    Of course, as the seller he does have to make it known that he is selling, and therein lies the rub. Maybe he didn't use TOR, maybe he posted on the wrong site, or maybe he just forgot to use private sessions or wipe his browser history.

    In any case, this just goes to show that the Internet is a dangerous place when you are being searched for by the law - there's no telling what tracks you leave that will lead back to you and bust your ass.

  2. Adam 52 Silver badge

    admitted stealing

    For crying out load, they didn't admit stealing. They didn't steal anything.

    Steal - to permanently deprive

    1. Commswonk

      Re: admitted stealing

      You are, of course, perfectly correct. However, you omitted the obligatory <pedant> </pedant> tags.

      1. Doctor Syntax Silver badge

        Re: admitted stealing

        "However, you omitted the obligatory <pedant> </pedant> tags."

        This deals with a court case. It helps if the law is required to be exact about such things. If you were caught speeding in a hired car you wouldn't think it pedantic to argue that there was a mistake when you found you'd been charged with stealing the car.

    2. Cereberus

      Re: admitted stealing

      (To paraphrase) For crying out loud, they did steal something :

      Definition: Take (another person's property) without permission or legal right and without intending to return it.

      https://en.oxforddictionaries.com/definition/steal

      They removed (a copy of) data from Talk Talk without permission or any intention of returning it.

      1. Commswonk

        Re: admitted stealing

        For crying out loud, they did steal something :

        In common parlance that is certainly true, but I suspect that what they did might not meet the legal definition of theft, which may not be quite the same as a dictionary definition.

        Basic definition of theft. (1)A person is guilty of theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it; and “thief” and “steal” shall be construed accordingly. (Theft Act 1968)

        Now while there may have been no intention to return the copy of the data taken there is also the point that in taking a copy there appears to have been no attempt to deprive its owner (in this case TalkTalk) either temporarily or permanently, and IMHO that does make a difference.

        But then IANAL.

        1. Cereberus

          Re: admitted stealing

          I can see the point of view. I would argue, however, that they have deprived Talk Talk customers of their security and privacy by taking a copy of the information which they have no intention of returning.

          I am not being deliberately argumentative, but I do think there is a case for saying they did steal something whether it be by legal definition or by dictionary definition. If either option is correct then original comment is correct.

          1. Commswonk

            Re: admitted stealing

            they have deprived Talk Talk customers of their security and privacy by taking a copy of the information which they have no intention of returning

            In turn I can see your viewpoint. However, if (a) takes something from (b) which in turn deprives (c) of something (in this case "peace of mind") then who is legally the "victim"? (b) or (c)? Why was (b) represented at trial and not (apparently) (c). Who gave evidence for (c)?

            And is it possible to steal something ("peace of mind") that has no, and can have no, physical embodiment?

            Next discussion: how many angels can dance on the head of a pin?

            In the meantime I think the dog wants a walk...

            1. Kane
              Angel

              Re: admitted stealing

              "Next discussion: how many angels can dance on the head of a pin?"

              ____________________________________________________________

              'Mistress Weatherwax, you are a natural disputant.'

              'No, I ain't!'

              'You'd certainly enjoy yourself at the Synod, anyway. They've been known to argue for days about how many angels can dance on the head of a pin.'

              He could almost feel Granny's mind working. At last she said, 'What size pin?'

              'I don't know that, I'm afraid.'

              'Well, if it's a ordinary household pin, then there'll be sixteen.'

              'Sixteen angels?'

              'That's right.'

              'Why?'

              'I don't know. Perhaps they like dancing.'

              1. Hollerithevo

                Re: admitted stealing

                Awesome as Granny Weatherwax is, the angels dancing on the head of a pin argument is actually huge and important for an understanding or the corporeality of the metaphysical, or was important when we had a theology. Is God a corporeal being? Does He have weight and heft? Dimensions? If so, of what kind Are His angels corporeal? If not, how do we see them, with our eyes or only in our mind? If corporeal, are their properties fixed, or can they shrink and enlarge? Are they of different corporeality from humans? What does this mean for how God interacts with the world?

                And so on. Although IANAT.

                1. CrazyOldCatMan Silver badge

                  Re: admitted stealing

                  If corporeal, are their properties fixed, or can they shrink and enlarge? Are they of different corporeality from humans? What does this mean for how God interacts with the world?

                  And so on. Although IANAT.

                  I blame the Greeks. After all, they invented Gnosticism..

                  (Which found an enthusiastic home later with the Cathar Heresy. Amongst other places..)

                2. IsJustabloke
                  Trollface

                  Re: admitted stealing

                  "Is God a corporeal being? Does He have weight and heft? Dimensions?"

                  Hollywood would have us believe he looks a lot like Morgan Freeman

          2. tiggity Silver badge

            Re: admitted stealing

            "deprived Talk Talk customers of their security and privacy "

            Surely Talk Talk did that themselves by not bothering to spend resources on decent security.

            From the sounds of it all a group of amateur script kiddies rather than some hard core expert computer crime gang.

            Decent security would have kept out the pesky kids.

            if I went on holiday leaving my door open, insurance company would reject my claim for the resulting burglary as I had not taken sufficient security precautions, needs to be a degree of culpability for big companies who skimp on security (unlike a struggling small business, the big boys have the cash & resources to employ people to do a proper job of security)

      2. Doctor Syntax Silver badge

        Re: admitted stealing

        "They removed (a copy of) data from Talk Talk without permission or any intention of returning it."

        The problem is not in removing the copy. It's with making the copy.

        1. handleoclast

          Re: The problem is not in removing the copy. It's with making the copy.

          Correct.

          That is an offence under the Computer Misuse Act of 1990 (as revised). Actually, several offences.

          Section 1: Unauthorized access to computer material. Check.

          Section 2: Unauthorised access with intent to commit or facilitate commission of further offences. Check.

          Section 3a: Making, supplying or obtaining articles for use in offence under section 1, 3 or 3ZA. Possibly, if they wrote (or found) a script or other automation tool in order to gain access. Difficult to justify, even then, since they had only one target. But. you never know.

          Section 1 gets you up to six months and/or a hefty fine. Section 2 gets you up to five years and/or a hefty fine. Section 3a gets you up to ten years and/or an unlimited fine.

          So definitely not theft/stealing. No intent to permanently deprive, nor did they permanently deprive TalkTalk of anything. Breaching customers' privacy may be coverable by some privacy legislation somewhere, I dunno. Gaining credit card details with intent to defraud is definitely chargeable under fraud legislation and possibly the selling on of card details gains them a bonus conspiracy charge. Absolutely CMA offences. But not stealing.

          IANAL.

        2. John Brown (no body) Silver badge
          Coat

          Re: admitted stealing

          "The problem is not in removing the copy. It's with making the copy."

          Ah, so it's a copyright violation?

          Off with their heads!

    3. TitterYeNot

      Re: admitted stealing

      "For crying out load, they didn't admit stealing. They didn't steal anything"

      Correct, I suspect El Reg are using a little artistic licence when using the word 'stealing' in the subheading, though some senior Met. plod did use the word 'steal' in a press release. The pair in court pleaded guilty to:-

      - "Obtaining files that would enable the hacking of websites and supplying files to enable the hacking of websites to others."

      - "Supplying an article for use in fraud."

      - "Supplying an article intended for in the commission of an offence under the Computer Misuse Act."

  3. santoy

    HoorayHooray ForFor JusticeJustice!

    Now how do I stop those pesky indian scammers calling me?!?!

    1. Anonymous Coward
      Anonymous Coward

      You don't stop them calling you. You get one on the line, fire up a VM, play the clueless user and watch him try to deprive you of money for an hour or so before cutting him off.

      Great sport. I should call it scamon phishing or something :D

  4. tedleaf

    And they will get slapped hands and told not to do.it again by the headmaster..

    1. Sir Sham Cad

      Proper punishment

      No they will be punished appropriately for the seriousness of these crimes. They will be forced to be TalkTalk customers for a minimum of 6 years without parole.

  5. Paratrooping Parrot
    Headmaster

    Geography.

    Hmmm... two from Tamworth, one from Norwich and one from Wales. Wales is a rather large area, in fact it's a whole Reg unit in itself. I wonder how many Tamworths can fit in Wales. Whereabouts in Wales?

  6. Anonymous Coward
    Anonymous Coward

    Tamworth

    Must be nothing to do there.

    Also, Reg can you do some journalism and look at the other fall out from the TalkTalk nonesense.

    E.g. how they're clearing shop and booting subcontractors out of their datacentres?

    I used to have a bunch of racks in the MK datacentre and was unceremoniously kicked out with 2 months notice. The rack was rented via Easyspace. I spoke to the chap in the DC and it sounds to me like they're seriously downsizing and clamping down on strangers moving around in their spaces.

    1. Korev Silver badge
      Pint

      Re: Tamworth

      Two months isn't a long time to move multiple racks of gear if you have to provide a continuous service.

      You probably needed a few of these afterwards ->

    2. Connor Allsopp

      Re: Tamworth

      Yes I agree Tamworth is boring not the reason why TalkTalk was hacked though.

  7. Stevie

    Bah!

    I'm shocked and appalled atvthis story.

    Not one of the defendants suffers from Asperger's?

    1. NonSSL-Login

      Re: Bah!

      That defence only gets brought in when there is a chance you will extradited to the prison nation of America, to make number plates and do time for corporate gain.

  8. Anonymous Coward
    Terminator

    Further confusion at TalkTalk claims it was hit by 'sequential attack'

    Erm, we think you mean SQL injection, Dido

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like