
Two British members of the Scattered Spider cybercrime collective who helped perform the 2024 cyberattack on Transport for London have been sentenced to five-and-a-half years in jail, bringing to an in depth what the UK’s Nationwide Crime Company described because the nation’s largest cybercrime prosecution to achieve the courts.
Whereas the Transport for London (TfL) breach was the main target of the prosecution, the case additionally gives one of many clearest public hyperlinks but between people convicted within the UK and the cybercrime group liable for among the most disruptive ransomware incidents in recent times, together with the assaults on MGM Resorts Worldwide and Caesars Leisure in Las Vegas.
Thalha Jubair, 20, and Owen Flowers, 18, pleaded responsible final month earlier than being sentenced at Woolwich Crown Courtroom on Thursday. Prosecutors mentioned the pair infiltrated TfL’s programs between Aug. 31 and Sept. 3, 2024, forcing the transport operator to reset passwords for roughly 28,000 staff, disrupting a number of buyer providers and leaving the group with about £29 million in restoration prices.
Authorities mentioned the hackers gained intensive administrative entry after utilizing social engineering strategies to compromise worker credentials. Investigators recovered recordings, screenshots, chat logs and different digital proof tying the pair to the intrusion.
The NCA described the defendants as members of Scattered Spider and mentioned the Transport for London investigation was “prolonged, extremely complicated and painstaking.”
“The perseverance and meticulousness of our officers, and the work of our accomplice organisations, meant that Jubair and Flowers had no possibility aside from to plead responsible and take duty for his or her offending,” mentioned Paul Foster, deputy director and head of the NCA’s Nationwide Cyber Crime Unit.
“The profile of offenders like Flowers and Jubair demonstrates the growing menace from cyber criminals primarily based within the UK and different English-speaking nations, epitomised by Scattered Spider.”
Foster added: “Because of this we work intently with companions at residence and overseas to determine offenders inside these networks and produce them to justice.”
TfL case exposes Scattered Spider community assault towards MGM and Caesars
The case is regarded as important past the TfL assault as a result of each males had been recognized by the Nationwide Crime Company as members of Scattered Spider, a free community of primarily English-speaking hackers identified for focusing on main companies by means of assist desk impersonation, SIM-swapping and different social engineering ways.
The identical group attracted worldwide consideration in September 2023 after breaching MGM Resorts Worldwide, triggering widespread outages that disabled resort room keys, slot machines, cost programs and different operations throughout its on line casino properties. Caesars Leisure was additionally compromised throughout the identical marketing campaign after attackers allegedly stole buyer information. These incidents established Scattered Spider as one of the vital succesful financially motivated cybercrime teams working towards giant enterprises.
Safety researchers say Scattered Spider just isn’t a standard organized gang however a free assortment of hackers related by means of an underground on-line ecosystem generally known as “The Com.”
Based on KrebsOnSecurity, members collaborate throughout Telegram and Discord communities, sharing strategies, recruiting accomplices and coordinating assaults. The publication additionally reported that some individuals in these communities have been linked to on-line “hurt teams” concerned in stalking, harassment, sextortion, doxing and coercing weak victims into self-harm.
The outlet additionally states that the responsible pleas represented the primary time key members of the group publicly admitted duty in a significant legal case. The report famous that Flowers individually admitted collaborating in conspiracies focusing on U.S. healthcare suppliers SSM Well being and Sutter Well being.
Though prosecutors targeted on the TfL intrusion, investigators have described the case as proof of the rising menace posed by younger, English-speaking cybercriminals working from the UK.
The Nationwide Crime Company mentioned the prosecution demonstrates its wider effort to determine and dismantle members of Scattered Spider working alongside worldwide legislation enforcement companions, such because the FBI. The sentencing additionally comes as authorities and safety researchers proceed investigating the broader ecosystem surrounding the group, together with hyperlinks to cybercrime, SIM-swapping and on-line harassment communities which have helped gasoline among the most high-profile assaults towards main corporations in recent times.
Featured picture: Nationwide Crime Company

