back to article TalkTalk teen hacker pleads guilty as firm reveals £22m profit jump

TalkTalk has unveiled a healthy jump in post-tax profits on the same day a 17-year-old boy pleaded guilty to hacking the British telco. This morning the teenager, who because of his age cannot be named, pleaded guilty at Norwich Youth Court to seven charges under the Computer Misuse Act. He will be sentenced on 13 December, …

  1. Voland's right hand Silver badge
    Devil

    The fool and his money will soon be parted

    There is always enough of them around. There is a Balkan proverb (exists in most Balkan languages): "Every train has its passengers".

  2. Anonymous Coward
    Anonymous Coward

    "Cannot be named" !

    Name the swine so we can bombard him with fake support calls, send taxis around his house, send pizzas, sign him up for all sorts etc...

    A touch of "see how you like it" street justice would be nice.

    1. Loyal Commenter Silver badge

      And this is why he cannot be named; because his parents would have to move and change their identities to get away from mob justice from dicks like you.

      1. Mike 125

        >> to get away from mob justice from dicks like you.

        Absolutely right. AC what a pillock.

        Me, I'd give the teen a job, and mould him for my own nefarious purposes... And no, not that.

        1. Anonymous Coward
          Anonymous Coward

          Me, I'd give the teen a job, and mould him for my own nefarious purposes... And no, not that.

          Hah! You don't even know if he's a Catholic..

          /tiptoes away quietly

          :)

      2. Anonymous Coward
        Anonymous Coward

        @Loyal Commenter

        When it's your Grandparents or elderly parents with early Alzheimer's getting these calls or fleeced of savings then you might be a little less Corbyn style self-righteous. You've no idea the distress and worry it causes them.

        @Mike 125

        Save stupid comments like that for bestgore or liveleak.

        1. HAL-9000
          Childcatcher

          Give the kid a break

          From where I'm standing there's one culprit who deserves a good kicking more than a spotty teenager with a bad network probing habit, and that's the big corporation handling all this personal data in a rather haphazard, even cavalier manner. The irony is they've apparently managed to increase corporate profits despite all this, truth indeed, fools do seem to be easily parted from their money.

          1. John Brown (no body) Silver badge

            Re: Give the kid a break

            "The irony is they've apparently managed to increase corporate profits despite all this, truth indeed, fools do seem to be easily parted from their money."

            I commented back at the time that it would only be a short term hit. The old saw "there's no such thing as bad publicity" is demonstrated once again. TalkTalk was all over the news for a week or two. People remember that, at least subconciously. But most don't remember why. Brand awareness wins again. Sad, but true.

        2. Loyal Commenter Silver badge

          Corbyn style self-righteous?

          I'm sorry if having respect for the basic rule of law makes me some sort of fanatic in your eyes. Personally, I think mob justice and blind vengeance are things best left in our past. Playing the emotive, "think of the elderly Alzheimer's patient" card does nothing to explain how encouraging vigilantism against someone (guilty or otherwise) would prevent this sort of crime from happening. In fact, all it would do is consume police resources protecting innocent bystanders from mobs.

          Maybe you should step down from the high horse, take a few deep breaths and consider why we have things like due process, and read up on why the sort of thing that you are suggesting is proven to be a very bad idea.

          Here's an example from the Paedo hysteria stoked up by the right-wing press of a few years ago

    2. Anonymous Coward
      Anonymous Coward

      Name the swine so we can bombard him with fake support calls, send taxis around his house, send pizzas, sign him up for all sorts etc...

      What so that you can screw around with other people trying to run honest decent businesses?

    3. Anonymous Coward
      Anonymous Coward

      Street justice for what?

      Using freely available hacking tools to get into what should be a secure corporate network? (from what I have read)

      I think they should get him to sit in front a bunch of M.P.'s and explain how he's not sure how it happened but he'll do his best to make sure he won't do it again. Then again he's not shagging one, he doesn't supply them from his pig farm and his father probably isn't a lord.

      Yes what he did was wrong but the best way to educate people is to show them it is wrong, retribution rarely works you just end up with criminals that are better at hiding their activities and besides what punishment have talktalk had for having such a shit network that these tools work anyway? I mean ffs I've stress tested my own home network with kali surely someone like talktalk would have the common sense to check if they are vulnerable to known threats and basic hacking script kiddie tools?

    4. macjules

      Well ok then

      "A touch of "see how you like it" street justice would be nice"

      I suspect that he's about to get the street justice you wish him to get the moment he is put into the general population of HMP.

    5. hplasm
      Gimp

      "A touch of "see how you like it" street justice would be nice"

      Admit it- You're a returning TT customer, aren't you?

    6. Anonymous Coward
      Anonymous Coward

      Name him for mob justice? Douchebag.

      The lad needs to be put on a fast track to the IT industry not chastised.

      With proper guidance he could be a badass.

      If we lock up talent we will just continue to lose it to other countries.

      We rely on immigrants in the UK because our best people are all over the world they dont want to be here. Im fairly sure ill jump ship at some point in the future...not for money, but a better standard of living, creative freedom and most of all investment.

      Wherever in the world something epic in tech is happening you can be damned certain theres a Brit involved somewhere.

      South Korea is bursting with British Engineers.

      Google is most likely setting up another massive office with export quality talent spotting in mind.

  3. Anonymous Coward
    Anonymous Coward

    No problem....

    he just has to say.

    "I am sorry for any inconvenience caused. It only affected a small number of customers and I have changed my hacking procedures."

    1. You aint sin me, roit

      Re: No problem....

      And follow it up with

      "if you're open and honest with your customers everything works out alright"

      Maybe that only works if you are a Conservative Life Peer, married to the Minister for Constitutional Reform...

    2. macjules

      Re: No problem....

      No, Dido Harding already said that.

      1. VinceH
        Coat

        Re: No problem....

        So she can testify to that fact on his behalf, then.

      2. macjules

        Re: No problem....

        Thumb down? Curse you TT moderator!

  4. Doctor Syntax Silver badge

    "They think, in adversity, we tried our damnedest to look after them."

    As so often I'm reminded of "Yes, Minister". In this case Hacker challenging him to say which side he'd be on when the chips were down. "It's my job to make sure the chips stay up."

    1. Whitter

      "They think, in adversity, we tried our damnedest to look after them."

      They are of course wrong.

    2. Ralph B

      I was more reminded of Mark Zuckerberg.

  5. Anonymous Coward
    Anonymous Coward

    What info was given about the hack itself

    I was under the impression this was a simple brute force attack however please correctly if I'm wrong?

    1. Anonymous Coward
      Anonymous Coward

      Re: What info was given about the hack itself

      The BBC is reporting it was a script-kiddie-style attack.

      http://www.bbc.co.uk/news/uk-37990246

      1. Doctor Syntax Silver badge

        Re: What info was given about the hack itself

        ""I didn't think of the consequences at the time."

        Lets hope he gets time to think about them now. Probably won't happen, though.

    2. Graham Cluley

      Re: What info was given about the hack itself

      It was a SQL injection attack, combined with failing to apply a database software patch released 3.5 years earlier, according to the ICO's investigation into the monumental cockup.

      They had suffered other SQL injection attacks earlier in the year, but not done much in response apparently.

      All pretty shameful IMHO.

  6. djstardust

    There are obviously

    A large amount of stupid people who think cheapest is best. They're in for a rude awakening.

    1. Anonymous Coward
      Anonymous Coward

      Re: There are obviously

      A large amount of stupid people who think cheapest is best.

      I'm with Virginmedia, and I don't believe they're be much better, despite eye watering prices. If you're with a shitbag company that doesn't care about you, arguably better with a cheap shitbag company.

  7. Commswonk

    My eyes, my eyes...

    Dear El Reg,

    Was it really necessary to have a large picture of the Wicked Witch on both the front page and at the top of the article?

    1. Anonymous Coward
      Anonymous Coward

      Re: My eyes, my eyes...

      Ditto, I thought it was a haunted mirror at first...

  8. Anonymous Coward
    Anonymous Coward

    Open and honest

    Two novelty ideas for TalkTalk

  9. Aristotles slow and dimwitted horse

    Defence du jour...

    No doubt the youths lawyer tried to claim that he has Aspergers syndrome as a defence.

    1. Commswonk

      Re: Defence du jour...

      No doubt the youths lawyer will claim he has Aspergers syndrome.

      It might even be true.

      It will be interesting to see what the sentence is. At 17 he is unlikely to have the resources to pay any fine beyond about £10; I hope I am wrong but I suspect that whatever the sentence is it will be insufficient to deter others from trying the same thing against one corporate IT system or another.

      1. Anonymous Coward
        Anonymous Coward

        Re: Defence du jour...

        Could be worse. At least he won't be facing Life + 99 years in a USA jail.

  10. John 104

    Thanks

    "We also learnt that if you're open and honest with your customers everything works out alright," she said.

    Thanks for clearing that up. Couldn't tell if it was a man or woman...

  11. Alastair Dodd 1

    Open and Honest?

    Thats a bare faced lie as they tried to deny the hack originally and only after massive complaints did they do anything.. Fecking ridiculous, they should've had 22mill in fines for their incompetent handling of private data

    1. Anonymous Coward
      Anonymous Coward

      Re: Open and Honest?

      they also should have been ordered to pay compensation directly to the customers that were affected, not just fines into the general pot that the victims of their carelessness never get to see .....

  12. Brian O'Byrne

    There is more than enough blame to go around

    The child is just that; a child.

    TalkTalk is a major corporation with the legal responsibility to protect data gathered from its customers and the resources to do just that.

    TalkTalk was hacked by a child.

    In addition to whatever punishment the court sees fit to impose on the child we should see TalkTalk execs including the CIO and CEO in the dock on criminal negligence charges.

    .. and don't bother trying to convince me they got justice in the form of a £400,000 fine.

    1. Anonymous Coward
      Anonymous Coward

      Re: There is more than enough blame to go around

      This was committed by minors, 15yrs old:

      https://www.theguardian.com/uk-news/2016/oct/18/teenage-girl-found-guilty-of-murdering-a-mother-and-daughter

      Just because they had crap home security doesn't make the perpetrators any less culpable. If a bank has weak security it doesn't justify the crime of bank robbery either. Let's be straight here this was a hack for the financial gain of selling the details and not just poking around in the system looking for UFOs

    2. Anonymous Coward
      Anonymous Coward

      Re: There is more than enough blame to go around

      "The child is just that; a child."

      I must say that when I was a child, the worst thing you might get up to was lighting a small bonfire in a field anytime other than on bonfire night (and having the fire brigade turn up to put it out when the neighbours complained), or riding on the pavement on your bicycle (and getting an official caution letter from the police - it happened to me when I was 13), or dropping litter.

      Expectations for our children sure have changed a bit since then.

      The report I saw says he won't get a custodial sentence anyway. Perhaps the experience will push him towards more positive application of whatever skills he has in future.

      1. Doctor Syntax Silver badge

        Re: There is more than enough blame to go around

        "Perhaps the experience will push him towards more positive application of whatever skills he has in future."

        He's skiddie. What skills? Is there a market for cutting and pasting and a little typing?

  13. HmmmYes

    Whiskers .....

    1. hplasm
      Happy

      re:Whiskers .....

      Kattomeat.

  14. Lotaresco

    As predicted

    The few customers with a clue left Talk Talk. The ones who don't care about security or even understand why they should care suffered an overdose of inertia. It's like a sort of reverse Darwinism where Talk Talk ends up with a customer base of the clueless.

    Clue seems to be a substance that is in short supply and that has little reference to the vast majority of the public. ISPs for people who know what they are doing (A&A, Gradwell come to mind) are relatively tiny compared to the ones that sell to people who want someone to give them a pipe that leads to porn.

    1. Anonymous Coward
      Anonymous Coward

      Re: As predicted

      A&A are a TalkTalk reseller.

      1. Norman Nescio

        Re: As predicted

        A&A use TalkTalk Wholesale as a supplier, which is slightly different to being a reseller of domestic services. They also use BT as a wholesale supplier. While TalkTalk's management of its domestic/residential and SOHO customer base is dire, its upstream network management is somewhat better.

        There are a number of competing providers of wholesale Internet Access and peering in the UK: A&A have a choice of who they use, and Talk Talk Wholesale provide a good enough service for A&A's needs at present. A&A can change supplier if they find it necessary.

    2. Anonymous Coward
      Anonymous Coward

      I know what I'm doing

      but I still want a pipe that leads to porn. Well, the right kinds of porn anyway.

    3. Captain Badmouth
      Happy

      Re: As predicted

      "It's like a sort of reverse Darwinism where Talk Talk ends up with a customer base of the clueless."

      Charge peanuts, get monkeys. Apologies to simians everywhere etc... ;)

  15. Anonymous Coward
    Anonymous Coward

    It was...

    ...a SQL injection attack that was discovered during a pen test 1+ years previously but not acted upon compounded by poor data management procedures that contravene 1999 Data Protection act. The Board are responsible.

    There ya go.

    1. J. R. Hartley

      Re: It was...

      *an? That's how I would have done it.

      /pedant

      1. Anonymous Coward
        Anonymous Coward

        Re: It was...

        "*an? That's how I would have done it."

        As in 'an Structured Query Language injection'?

      2. Doctor Syntax Silver badge

        Re: It was...

        "*an? That's how I would have done it."

        When you pronounce it "sequel" "an" doesn't work.

        /DBA(retired)

  16. J. R. Hartley

    Gordon Ramsey's let himself go

    ...oh

    1. Anonymous Coward
      Anonymous Coward

      Re: Gordon Ramsey's let himself go

      maybe that's why TalkTalk customers spend so much time going "F*cking Hell !"

  17. David Austin

    Suitable Punishment

    6 month suspended sentence, and pack him off to GCHQ: See if he's more than a script kiddy, and can become a competent spook.

    I'm feeling generous - had to help out two retired old ladies that had phone calls claiming to be Talktalk complete with account details, trying to scam them out of Money (One succeeded), so it's only the fact he's a YOLO Kid stopping me from wanting to hit him with a warning to others jail sentence.

  18. kain preacher

    Just make the kid an intern for linus for 24 months.

    1. hplasm
      Devil

      Harsh and unusual punishment...

      Just make the kid an intern for Dido for 24 months.

      No, no the singer, the Harry Enfield impersonator.

  19. tiggity Silver badge

    Pushing hard

    Talk Talk seem to be trying hard to drum up customers.

    TV ads

    Leaflets through doors.

    Sales muggers on lots of high streets.

    Wonder how expensive in marketing budget those freshly gained customers were.

    The sales muggers amused me, I mentioned their dismal security record as part of my not touching it with a bargepole response, and sales mugger spiel was "that was in the past we are the most secure now", to which I gave a reply that good security is not an add on, it needs designing in from the start & the whole corporation needs to have security as a major focus - playing lip service to security is not proper security.

    And my final comment is always as TT are a "big" ISP, they are one of those that automatically blocks access to various officially blacklisted sites & I'm anti censorship - if something is actually bad then there are legitimate legal means to get it shut down.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like