A man from South Wales has been convicted of cyber crime, fraud and blackmail offences following joint law enforcement agency investigations led by the Met’s Falcon Cyber Crime Unit (MPCCU) and the South Wales TARIAN Regional Organised Crime Unit.
The Met investigation was launched in response to an unlawful intrusion and data theft through TalkTalk’s website in October 2015.
Daniel Kelley [E] (11.02.1997) of Heol Dinbych, Llanelli, Dyfed pleaded guilty on Tuesday, 13 December at the Old Bailey to four counts of blackmail, two counts of fraud and an offence under computer misuse act (hacking). He was bailed and is due to be sentenced on 6 March, 2017.
Kelley also pleaded guilty to blackmail, offences under computer misuse act (hacking) and money laundering which were linked investigations conducted by TARIAN.
Officers analysed the blackmail emails sent to the CEO and staff at TalkTalk and further investigative work by Met Police and National Crime Agency (NCA) officers led them to link Kelley’s online personas to his real-world identity.
After identifying Kelley, officers discovered that he was already on bail and under investigation by TARIAN detectives for other cyber-crime offences committed before July 2015 and the TalkTalk intrusion.Kelley was arrested for his involvement in the TalkTalk intrusion on 24 November 2015 by the Met’s Cyber Crime Unit (MPCCU), supported by TARIAN detectives.
A number of electronic devices including computers, phones and storage media were seized from Kelley’s home address and subsequent analysis of these revealed evidence of Kelley’s involvement in the TalkTalk intrusion.
The analysis also revealed that Kelley was responsible for a blackmailing a senior executive of JJ Fox cigar merchants based in London, as well as other similar offences against victim companies and organisations in the United Kingdom and Australia.
Officers found compromised data belonging to several companies and when contacted, the companies confirmed they too had also received blackmail demands for Bitcoin payments into wallets Kelley controlled. In each case, Kelley threatened to release compromised sensitive data such as customers’ personal details if payments were not made.
Officers also found evidence that Kelley attempted to sell compromised data from TalkTalk, JJ Fox and TAFE (part of the Australian education sector) on a web forum which could then enable other criminals to commit further fraudulent and criminal activities with those compromised identities.
Officers also found Kelley was in possession of personal data and credit card information belonging
several thousand people.
In total, Kelley demanded over 650 Bitcoins from his various victims, worth approximately £96,000 including 465 Bitcoins valued at over £81,000 from TalkTalk.
Kelley’s criminal campaign spanned many months from October 2014 to November 2015.
Detective Chief Inspector Jason Tunn, from the Metropolitan Police Falcon Cyber Crime Unit (MPCCU) said:
“Kelley is a prolific and calculating cyber-criminal who has caused considerable damage, harm and loss; not only to those he directly blackmailed, but to the hundreds of thousands of customers of the companies whose personal details have either been stolen or used to try and extort money.
“The fact that Kelley was taking part in the cyber-attack against TalkTalk whilst on police bail for other similar offences shows his total disregard for the law. Excellent digital forensic and investigative work by all the officers has shown that cyber criminals cannot hide themselves totally and we will do all we can to identify and prosecute them.
“I’d like to thank my own detectives, as well as our partner agencies including TARIAN, PSNI, NCA and the CPS for their painstaking and diligent work and collaborative spirit to achieve this conviction. This was a combined law enforcement investigation resulting in today’s conviction”
Detective Inspector Paul Peters, from the TARIAN Regional Cyber Crime Unit, said: “Today’s outcome demonstrates to the general public and the business community especially, that police forces up and down the country and across the world are ready and able to collaborate and investigate the most complex forms of cybercrime to ensure those responsible are put before the courts.
“These are extraordinary crimes which have origins in the most ordinary of circumstances, as Daniel Kelley, at the time of these offences, was a teenager committing serious crimes from the sanctuary of his bedroom in a typical family home in West Wales. The stark reality is that that serious online crimes can be committed by anybody, from anywhere. Those who suspect that somebody is involved or at risk of becoming involved in online crime should contact the authorities immediately as there may be opportunities for intervention which prevents somebody from following a life of online crime which, in the click of a mouse or the tap of a keyboard, can have a devastating impact on theirs and their family’s life.”
Kelley is the second person to be convicted in connection with the investigation into the data theft from the TalkTalk website in October 2015. In November 2016 at Norwich Youth Court a 17-year-old male [D] pleaded guilty to Computer Misuse Act offences against TalkTalk, as well as a number of other educational establishments, companies and organisations both in the UK and overseas. The youth was also sentenced on 13 December at Norwich Youth Court and was sentenced to a 12 month rehabilitation order and forfeiture of his computer having pleaded guilty to seven offences under the Computer Misuse Act 1990.
Anyone who is the victim of cyber-crime or fraud should report the matter to Action Fraud via www.actionfraud.police.uk
Further online advice can be obtained from www.getsafeonline.org
