News

TalkTalk hacker hit Withybush Hospital and others, costing tax payer £400,000

Published

7 years ago

June 12, 2019

A ‘CYNICAL and ruthless’ hacker, motivated by spite and greed, targeted the computer systems at Withybush Hospital, The Herald can confirm.

Daniel Kelley, now aged 21, hacked into networks at Withybush and Prince Philip Hospital, Llanelli. When he did so, he prevented radiographers from viewing vital diagnostic images used to plan treatment for patients. The hacker also disrupted communications between different Health Board sites.

The Court heard that Kelley’s actions caused ‘a serious clinical risk of a catastrophic outcome’.

The hack cost the Welsh Government, which runs big public networks, £400,000 to repair its systems, improve its security systems, and prevent further hacks.

Kelley’s efforts in disrupting vital public services began when he implemented a Distributed Denial of Service attacks at Coleg Sir Gar, where he was a student.

Prosecutors alleged that Kelley’s motivation on that occasion was spite at being denied a place on a Level 3 computing course due to poor performance in his GCSEs.

A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or another network resource, and cause a denial of service for users of the targeted resource.

In Kelley’s case, he deliberately targeted the College’s computer infrastructure, causing disruption to systems accessed by students and teachers, including examinations.

Having accessed the College network, Kelley was able to exploit its connection to wider Welsh public service computer infrastructure and caused targeted disruption to other bodies which shared the network’s resources.

There is no sign that Kelley committed these acts for anything other than his amusement and the feeling of power it gave him.

While Kelley’s activities had widespread adverse consequences, his next step presented a major escalation.

He hijacked the computer systems of companies in Australia and Canada. The targets included Zippo Lighters, Rogers Communications, RC Hobbies, ISP JISC, TAFE Queensland, and a court transcription service called For the Record in Australia.

He attempted to blackmail company executives by targeting their loved ones and making threats to collapse companies by wrecking their computer systems.

Kelley was arrested in July 2015 but his most audacious blackmail attempt was yet to come.

In October that year, together with a group of other hackers, Kelley took part in “significant and sustained cyber-attack” on TalkTalk.

The group broke into broadband provider TalkTalk’s customer database and stole a copy of its contents.

The stolen records included customer names and addresses, dates of birth, payment card details, phone numbers, and email addresses.

Around 157,000 customers in the UK were caught up in the hack, which was said to have cost TalkTalk £77m to clean up and cost it immeasurably more in lost customer confidence and income.

Kelley then attempted to extort £80,000 in exchange for not leaking the swiped customer database onto the web.

Peter Ratliff, prosecuting, described Kelley as a “prolific, skilled and cynical cyber-criminal” who was willing to “bully, intimidate, and then ruin his chosen victims from a perceived position of anonymity and safety – behind the screen of a computer.

“Where confidential and sensitive information had been stolen in the hack – typically the personal and credit card details of the company’s clients – the defendant would threaten the company with the public release of the material, knowing and exploiting the fact that the release would risk the ruin of the company concerned.

“It is clear from the content of the emails that the defendant sent that he derived enjoyment and excitement from the power he wielded over those he sought to intimidate.”

Sentencing Kelley, Judge Mark Dennis said Kelley hacked computers “for his own personal gratification” regardless of the damage caused.

His attempts at blackmail revealed a “cruel and calculating side to his character”, Judge Dennis said.

Kelley was sentenced to youth detention due to his age at the time of his arrest.

A spokesperson for Hywel Dda University Health Board said “the NHS is increasingly reliant on the use of digital systems to support patient care we hope that this sentence will act as a deterrent to others from attempting to hack public sector organisations in Wales in the future.

“At the time, this hack caused a number issue in Hywel Dda including:-

Radiologists were unable to effectively report on diagnostic images because the reporting / dictation system we use were unresponsive during the Denial of Service attacks at Prince Philip Hospital. This seriously interrupted clinical workflow and wasted a great deal of Radiologist time. This could have adversely affected the care of patents including those critically ill/injured as without prompt, reliable access to images there is a serious clinical risk.
Our Patient Administration System at Prince Philip Hospital had response time issues causing difficulties on the Wards, A&E and Maternity departments as well as administrative areas like Medical Records.
Experienced delays with ICT services at other Health sites in the Llanelli area including Ammanford and Cross Hands Health Centres.

“Following this incident Welsh Government bolstered the Public Sector network (which all public bodies in Wales use) with hardware and software to detect and stop denial of service attacks in the future and mitigate the risks as far as possible.”

Business

Plaid energy policy challenged by Labour after Adam Price interview

Published

1 day ago

May 24, 2026

Tom Sinclair

LABOUR SAYS MINISTERS MUST EXPLAIN COST AND TIMETABLE FOR PYLON PLANS

PLAID CYMRU’S approach to energy infrastructure has come under scrutiny after Energy Minister Adam Price was challenged over plans to reduce the use of overhead pylons in Wales.

Mr Price defended the Welsh Government’s position during an appearance on BBC Radio Wales’ Sunday Supplement, arguing that communities must have greater confidence in how major grid projects are handled.

Plaid Cymru has pledged to give communities a stronger voice over energy developments and to look more closely at alternatives to overhead transmission lines, including underground cabling where possible.

The issue has become increasingly sensitive in rural parts of Wales, where proposed pylon routes linked to renewable energy schemes have raised concerns about landscape impact, tourism and local consultation.

However, Welsh Labour said the minister had failed to explain when any restriction on pylons would take effect, or who would pay the additional cost of placing cables underground.

A Welsh Labour spokesperson said: “Adam Price keeps saying how clear their manifesto was and yet he won’t say when they’re banning pylons. They won’t say who is paying for the extra cost of undergrounding cables.

“Without certainty, companies won’t invest. That’s thousands of clean, green energy jobs at risk. Plaid need more than a plan to have a plan.”

Labour said the Welsh Government must now set out how its policy would work in practice, including whether it amounts to an outright ban, what exemptions would apply, and how any extra costs would be funded.

The debate highlights the challenge facing ministers as Wales seeks to expand renewable energy generation while addressing public opposition to large-scale grid infrastructure.

Community

Pembroke Fair praised as well-organised community event

Published

1 day ago

May 24, 2026

Tom Sinclair

HORSES, STALLS AND FAMILY CROWDS RETURN TO MONKTON

FAMILIES, horse owners and visitors turned out in force for Pembroke Fair on Saturday (May 23), with many praising the event as one of the best organised in recent years.

Held at the Community Centre Field in Monkton, the annual fair brought together horse owners, traders and local families for a traditional day centred around horses, ponies, stalls and socialising.

Coloured cobs, heavy horses, ponies and horse-drawn traps attracted attention throughout the day, with many visitors gathering around the field to watch the animals being shown and led around the site.

A variety of stalls selling everything from clothing and ornaments to tack and second-hand goods helped create a lively market atmosphere, while food vendors kept visitors fed throughout the day.

Despite overcast conditions at times, the event remained busy, with many attendees staying for several hours to enjoy the traditional fair atmosphere.

Community members later took to social media to praise the smooth running of the event, with several publicly thanking organiser Charlie Price for his efforts in bringing the fair together.

Comments described the day as “well organised” and praised the welcoming atmosphere, with many saying it was encouraging to see a long-standing local tradition continuing to thrive.

The fair once again brought together members of the travelling community, local residents and horse enthusiasts from across west Wales.

A horse drive was also due to take place on Sunday (May 24), continuing the weekend’s celebrations.

Photo captions:

Traditional gathering: Horses, ponies, horse-drawn carts and market stalls drew crowds to Pembroke Fair in Monkton on Saturday (Pic: Herald).

News

Watchdog criticises health board over £10m GP contract checks

Published

3 days ago

May 23, 2026

Tom Sinclair

A HEALTH board has been criticised by Audit Wales after GP contracts worth more than £10m were awarded without sufficient due diligence checks.

Aneurin Bevan University Health Board allowed a GP partnership associated with eHarley Street Primary Care Solutions to take on eight GP contracts in south-east Wales, with a combined annual value of around £10.1m.

Audit Wales said the board should have carried out greater scrutiny before approving the arrangements, including checks on financial resilience, workforce plans, business risks and the partnership’s ability to manage several practices at once.

However, the watchdog found no evidence of fraud and noted the board was dealing with significant pressure in general practice, including vacant contracts and limited interest from other bidders.

The report said weaknesses in governance and scrutiny contributed to later disruption and uncertainty for patients and staff when problems emerged.

Concerns included financial and workforce pressures, unpaid invoices, and issues relating to tax and pension payments. Some contracts were later handed back, requiring the health board to step in to protect services.

Natasha Asghar MS, Welsh Conservative Shadow Cabinet Minister for Health and Social Care, said the findings were “deeply concerning”.

She said: “Patients and staff were left facing disruption and uncertainty because proper scrutiny was not carried out before these contracts were awarded.

“The Welsh Conservatives believe lessons must be learned to ensure robust checks are in place, protect frontline services and restore confidence in primary care across Wales.”

Aneurin Bevan University Health Board accepted the recommendations and said it had already strengthened its processes.

Audit Wales said the case highlighted the need for stronger checks before GP contracts are transferred, particularly when a single partnership is taking on multiple practices in a short period.