I never imagined that, six years on, I’d still be writing about the TalkTalk hack. However, a new twist has now emerged which sheds a remarkable light on the inner workings of the gang who ripped off Brits for hundreds of thousands of pounds.

For those who’ve forgotten the details (or who never knew them in the first place), TalkTalk was hit with a cyber attack in October 2015. As journalists like me starting digging into the story, we uncovered an older and much more serious problem afflicting Britain’s biggest ISP.

TalkTalk had outsourced its call centre operations to an Indian tech giant called Wipro. A small number of its employees in Kolkata stole TalkTalk customers’ data, sold it on the black market, and that data was then used to perpetrate an elaborate but ultimately very lucrative scam (long read here).

Victims lost thousands of pounds each. Many were pensioners (the scammers often phoned on landlines during the day, which meant their victims tended to be older). Some had their lives’ savings taken.

First at Channel 4 News I revealed the two scammers at the heart of the Indian operation, who co-ordinated the thefts. Then in a BBC News article I reported the testimony of several whistleblowers who worked inside the scam call centre, phoning TalkTalk victims and pulling them into the fraud.

Now new information has emerged which throws light on the gang’s money laundering networks, and the (ultimately unsuccessful) measures it took to hide its tracks.

It all starts in Bahrain back in early 2015. Staff working at a money transfer business noticed something unusual: a man would arrive, hand over cash, and request that it be sent to his bank account in India. He was an Indian working in Bahrain, so on one level such transfers were nothing out of the ordinary. But there were some red flags.

The man was making transfer after transfer at different branches. Each of them was small enough to be just below the amount at which extra financial diligence checks kick in. But in total they added up to tens of thousands of dollars. And here’s the kicker: the man’s job was as a chef, earning less than $1,000 a month. Where was he getting the money?

The money transfer company filed a Suspicious Transaction Report, and the Bahraini Financial Intelligence Directorate took up the case. They dug into the chef’s background, checked his bank statements and call records, and discovered he wasn’t acting alone.

The chef was co-ordinating a network of 14 different people in Bahrain, all with links to India. They would receive money from various countries, including the US, France, Germany, Canada and the UK. They would then send it on to accounts in India, and take a 2% cut. Between March 2015 and July 2016, more than $289,000 was washed through Bahrain in this way. But who was sending the money to Bahrain in the first place?

Thanks to the transfer records, the Bahraini authorities had the names of the people who’d been sending money to the network in Bahrain, as well as the countries it was sent from. So they issued requests for help from the various’ countries’ financial crime units: did they recognise the names of the people who’d been sending money to Bahrain? One of the units that responded was the UK – they did indeed recognise the names: they were people who’d been caught up in the TalkTalk scam and whose names had been logged in the subsequent police enquiries.

UK victims of the TalkTalk scam had been conned into sending money overseas, and one of the destinations was Bahrain, from whence the money was zipped back to India, where it went into the pockets of the gang who originally called the TalkTalk customers and carried out the fraud. It was a triangular fraud and money laundering operation spanning three continents.

In just three months in 2016, two of the Bahraini suspects had received 50 transfers from Brits, totalling $218,000.

The Bahrainis swooped, arresting three suspects, including the chef, who were later convicted of money laundering and cyber fraud offences and each sentenced to five years in prison. They also recovered almost $281,000.

The convictions in Bahrain illustrate the scale and complexity of the Indian scammers’ operation. Clearly they realised early on that if TalkTalk scam victims sent their money directly to the thieves, it would create a paper trail leading to the perpetrators. So they set about creating a money laundering network to obfuscate the route of the money.

Utilising expat workers was a smart move: Indian catering staff working in Bahrain will inevitably have accounts in both countries, and sending money from one to the other probably won’t arouse suspicion (however, that logic only works so far, as the chef discovered to his cost).

Using overseas contacts also allows for movement of the stolen money through multiple jurisdictions, making it harder for investigators to trace. Although once again this case illustrates the limits of that: the Bahrainis were able to call on help from international partners in the UK and India to link the pieces of the puzzle together.

The case also reveals that TalkTalk’s customer base was only one among several of the gang’s targets – there were many more in other countries including the US and Canada.

Meanwhile in the UK, legal action against TalkTalk continues. Law firm Leigh Day says it is now acting on behalf of some 400 TalkTalk customers who claim to have lost money in the scam. TalkTalk is defending itself against the action. A spokesperson for the company declined to comment.