News

TalkTalk hacker hit Withybush Hospital and others, costing tax payer £400,000

Published

7 years ago

June 12, 2019

A ‘CYNICAL and ruthless’ hacker, motivated by spite and greed, targeted the computer systems at Withybush Hospital, The Herald can confirm.

Daniel Kelley, now aged 21, hacked into networks at Withybush and Prince Philip Hospital, Llanelli. When he did so, he prevented radiographers from viewing vital diagnostic images used to plan treatment for patients. The hacker also disrupted communications between different Health Board sites.

The Court heard that Kelley’s actions caused ‘a serious clinical risk of a catastrophic outcome’.

The hack cost the Welsh Government, which runs big public networks, £400,000 to repair its systems, improve its security systems, and prevent further hacks.

Kelley’s efforts in disrupting vital public services began when he implemented a Distributed Denial of Service attacks at Coleg Sir Gar, where he was a student.

Prosecutors alleged that Kelley’s motivation on that occasion was spite at being denied a place on a Level 3 computing course due to poor performance in his GCSEs.

A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or another network resource, and cause a denial of service for users of the targeted resource.

In Kelley’s case, he deliberately targeted the College’s computer infrastructure, causing disruption to systems accessed by students and teachers, including examinations.

Having accessed the College network, Kelley was able to exploit its connection to wider Welsh public service computer infrastructure and caused targeted disruption to other bodies which shared the network’s resources.

There is no sign that Kelley committed these acts for anything other than his amusement and the feeling of power it gave him.

While Kelley’s activities had widespread adverse consequences, his next step presented a major escalation.

He hijacked the computer systems of companies in Australia and Canada. The targets included Zippo Lighters, Rogers Communications, RC Hobbies, ISP JISC, TAFE Queensland, and a court transcription service called For the Record in Australia.

He attempted to blackmail company executives by targeting their loved ones and making threats to collapse companies by wrecking their computer systems.

Kelley was arrested in July 2015 but his most audacious blackmail attempt was yet to come.

In October that year, together with a group of other hackers, Kelley took part in “significant and sustained cyber-attack” on TalkTalk.

The group broke into broadband provider TalkTalk’s customer database and stole a copy of its contents.

The stolen records included customer names and addresses, dates of birth, payment card details, phone numbers, and email addresses.

Around 157,000 customers in the UK were caught up in the hack, which was said to have cost TalkTalk £77m to clean up and cost it immeasurably more in lost customer confidence and income.

Kelley then attempted to extort £80,000 in exchange for not leaking the swiped customer database onto the web.

Peter Ratliff, prosecuting, described Kelley as a “prolific, skilled and cynical cyber-criminal” who was willing to “bully, intimidate, and then ruin his chosen victims from a perceived position of anonymity and safety – behind the screen of a computer.

“Where confidential and sensitive information had been stolen in the hack – typically the personal and credit card details of the company’s clients – the defendant would threaten the company with the public release of the material, knowing and exploiting the fact that the release would risk the ruin of the company concerned.

“It is clear from the content of the emails that the defendant sent that he derived enjoyment and excitement from the power he wielded over those he sought to intimidate.”

Sentencing Kelley, Judge Mark Dennis said Kelley hacked computers “for his own personal gratification” regardless of the damage caused.

His attempts at blackmail revealed a “cruel and calculating side to his character”, Judge Dennis said.

Kelley was sentenced to youth detention due to his age at the time of his arrest.

A spokesperson for Hywel Dda University Health Board said “the NHS is increasingly reliant on the use of digital systems to support patient care we hope that this sentence will act as a deterrent to others from attempting to hack public sector organisations in Wales in the future.

“At the time, this hack caused a number issue in Hywel Dda including:-

Radiologists were unable to effectively report on diagnostic images because the reporting / dictation system we use were unresponsive during the Denial of Service attacks at Prince Philip Hospital. This seriously interrupted clinical workflow and wasted a great deal of Radiologist time. This could have adversely affected the care of patents including those critically ill/injured as without prompt, reliable access to images there is a serious clinical risk.
Our Patient Administration System at Prince Philip Hospital had response time issues causing difficulties on the Wards, A&E and Maternity departments as well as administrative areas like Medical Records.
Experienced delays with ICT services at other Health sites in the Llanelli area including Ammanford and Cross Hands Health Centres.

“Following this incident Welsh Government bolstered the Public Sector network (which all public bodies in Wales use) with hardware and software to detect and stop denial of service attacks in the future and mitigate the risks as far as possible.”

Crime

Publican jailed for six years for supplying cocaine and cannabis

Published

16 minutes ago

March 20, 2026

Rieve Nesbitt-Marr

Milford Haven man sentenced at Swansea Crown Court following drug dealing operation

A MILFORD HAVEN publican has been jailed for six years after admitting supplying cocaine and cannabis.

The defendant, who previously appeared before magistrates and was remanded in custody, was sentenced at Swansea Crown Court following an investigation into drug dealing activity linked to the town.

The court heard that he had been involved in the supply of Class A and Class B drugs, with evidence including material recovered by police and analysis of mobile phone data. Investigators said the activity had been ongoing since at least 2024.

Cocaine, a Class A drug, carries the most serious penalties under UK law, and the involvement of both cocaine and cannabis was reflected in the length of the sentence imposed.

During proceedings, the court was told that the case went beyond isolated incidents, with the defendant playing a significant role in the supply chain. The judge said the offending was serious and sustained, warranting an immediate custodial sentence.

He was sentenced to six years in prison.

The case had previously been heard at Haverfordwest Magistrates’ Court, where the defendant was remanded due to the seriousness of the allegations before being sent to the Crown Court for sentencing.

Education

Prendergast School achieves gold award for Armed Forces support

Published

39 minutes ago

March 20, 2026

Tom Sinclair

Top honour recognises commitment to Service children and families

PRENDERGAST CP School in Haverfordwest has been awarded the highest possible recognition for its support of Armed Forces families.

The school has secured Gold Armed Forces Friendly School Cymru status, marking a significant milestone in its ongoing work to support pupils from Service backgrounds.

Headteacher Louise John said the achievement reflects a strong, whole-school commitment to ensuring Service children feel supported and able to succeed.

She said: “We are committed to ensuring Service pupils feel welcomed, understood and able to thrive.

“We recognise the unique experiences of children from Service families and have worked hard to embed that understanding across the school.

“Our approach focuses on early identification, strong communication with families, and consistent pastoral support.

“Achieving Gold status recognises the dedication of our staff and the inclusive practices already in place, while reinforcing our ongoing commitment to supporting Service children’s wellbeing, sense of belonging, and educational success.”

The Gold award, delivered through Supporting Service Children in Education Cymru (SSCE Cymru), requires schools to demonstrate strong and sustained support for Service children. This includes creating a positive environment where pupils can share their experiences and strengthening links with the wider Armed Forces community.

Prendergast CP School previously achieved both Bronze and Silver awards before progressing to the top level.

Cllr Simon Hancock, Pembrokeshire County Council’s Armed Forces Champion, praised the achievement.

He said: “I would like to congratulate Prendergast School on achieving the coveted Gold Armed Forces Friendly School Cymru status.

“From my visits, it is clear the school actively engages with the Armed Forces community and provides a positive and supportive environment for Service children.”

Cllr Guy Woodham, Cabinet Member for Education and the Welsh Language, added: “This is fantastic recognition of the ongoing work at Prendergast School.

“It highlights the importance of supporting Armed Forces families and sets a strong example of best practice. Well done to everyone involved.”

Crime

Carmarthen man denies coercive control allegations

Published

2 hours ago

March 20, 2026

Court Reporter

Defendant remanded in custody ahead of further hearing

A CARMARTHEN man has denied allegations of controlling and coercive behaviour towards his partner during a prolonged period of alleged abuse.

Mark Hanson, aged 51, of no fixed abode but previously linked to Llangunnor Road, Llangunnor, Carmarthen, appeared before Haverfordwest Magistrates’ Court for a further case management hearing on Wednesday (Mar 19).

The court heard that Hanson is accused of engaging in controlling or coercive behaviour in an intimate relationship, contrary to Section 76 of the Serious Crime Act 2015.

It is alleged that between January 1, 2024 and March 12, 2026, at Stackpole, Hanson repeatedly or continuously subjected a female to threats of violence. Prosecutors say the pair were partners at the time, and that the behaviour had a serious effect on the complainant, which Hanson either knew or ought to have known.

Hanson entered a not guilty plea to the charge on March 13.

The court was told that he has been remanded in custody ahead of the next hearing, with magistrates citing concerns that he may commit further offences, including causing injury or fear of injury to a person connected to the case.

Additional information presented to the court indicated that Hanson is currently serving a custodial sentence of two months for breaching a Domestic Violence Protection Order.

The case was adjourned for a further case management hearing, which is scheduled to take place at Haverfordwest Magistrates’ Court on Monday (Mar 23) at 10:00am. The hearing is expected to be conducted via video link and is listed for a duration of 20 minutes.

Magistrates Mr A Allison, Mrs J Morris and Mr D England presided over the hearing. The prosecution was led by Sian Vaughan, with Hanson represented by Alaw Harries of DGJ Solicitors.