TalkTalk hacker's Coleg Sir Gar attack led to health service issues

Daniel Kelley, 22, from Llanelli, was sentenced to four years' detention in a young offenders institution at the Old Bailey on Monday, June 10.

One of Kelley's early targets was Coleg Sir Gar, which he hacked between 2013 and 2014, "out of spite" after failing to get the GCSE grades for a computer course.

The denial of service attack caused widespread disruption to the college and also affected the Welsh Government Public Services Network - including schools, councils, and Hywel Dda University Health Board.

According to the health board, the attacks left radiologists unable to report on diagnostic images because the system used was unresponsive during the DoS attacks.

This seriously interrupted clinical workflow, wasted a great deal of radiologists time, and adversely affected the care of critically ill patients at Prince Philip and Withybush hospital.

Security work by the Public Services Network to combat the risks posed by the attacks cost nearly £400,000.

Judge Mark Dennis said Kelley hacked computers "for his own personal gratification" regardless of the damage caused.

He later targeted companies in Canada, Australia and the UK, including telecommunications giant TalkTalk, which has four million customers.

Between September 2013 and November 2015, he engaged in a wide range of hacking activities, and pleaded guilty to 11 charges including hacking with intent in December 2016.

Kelley made no reaction as he was sent down on Monday, June 10.

A spokesperson for Hywel Dda University Health Board said: “the NHS is increasingly reliant on the use of digital systems to support patient care we hope that this sentence will act as a deterrent to others from attempting to hack public sector organisations in Wales in the future.

“Following this incident Welsh Government bolstered the Public Sector Network with hardware and software to detect and stop denial of service attacks in the future and mitigate the risks as far as possible.”