A 17-year-old boy has admitted hacking offences linked to a data breach at the communications firm TalkTalk, claiming he was “just showing off” to friends.
Norwich Youth Court was told he had used hacking tool software to identify vulnerabilities on target websites.
The data haul netted email addresses, names and phone numbers, as well as 21,000 unique bank account numbers and sort codes.
The boy pleaded guilty to seven charges and will be sentenced next month.
‘I have grown up’
The cyber attack on the company in October 2015 prompted fears thousands of people may have had their online details stolen.
The boy told magistrates: “I didn’t think of the consequences at the time. I was just showing off to my mates.”
“It was a passion, not any more. I won’t let it happen again. I have grown up,” he added.
His solicitor Chris Brown said he had played a small part in the scam, adding his behaviour had been that of an immature 16-year-old.
The charges against the boy also included attacks on other websites, including the universities of Manchester and Cambridge.
The boy will be sentenced for breaches under the Computer Misuse Act on 13 December. The magistrate said although further reports were needed, they were minded to spare the teenager jail.
Six other people were arrested in connection with the attack.
TalkTalk was fined a record £400,000 last month for security failings which allowed customers’ data to be accessed “with ease”.
The attack was branded a “car crash” by former information commissioner, Christopher Graham.
The company claimed the hack cost the firm £42m but has since reported a surge in half-year profits.
It said it also lost 98,000 broadband customers in the first half of the year, though this was largely offset by 69,000 new customers signing up.
Dido Harding, chief executive of TalkTalk, said: “One year on we have maintained a relentless focus on looking after our existing customers and keeping up the pace across a wide range of operational improvements.”