2 min read

TfL hackers get 5.5 years as Scattered Spider takes a hit

Two UK men were sentenced to 5 years and 6 months over the 2024 TfL cyberattack, which caused about $39 million in losses.

Image: TechRadar

Two UK men have been sentenced to five years and six months in prison for their role in the 2024 cyberattack on Transport for London, in a case authorities say dealt a major blow to Scattered Spider.

The defendants, Thalha Jubair, from East London, and Owen Flowers, from Walsall, West Midlands, were arrested in 2025 on suspicion of being leading members of the hacking group. Scattered Spider has been tied to breaches at dozens of companies, and earlier reporting from cybersecurity firms said the group was made up largely of English-speaking teenagers.

Police seized a range of devices during the arrests, including laptops, PCs, smartphones, hard drives, and removable storage. On one computer, investigators found screenshots and videos showing the intrusion into TfL’s systems.

According to the National Crime Agency, Flowers was also in the middle of attacks on US healthcare companies SSM Health Care Corporation and Sutter Health when he was arrested. The agency said both organizations had already been “infiltrated and damaged.”

TfL told the City of London Police that the attack led to around $39 million in losses and recovery costs. The pair initially pleaded not guilty but changed their pleas to guilty on the day they were due to stand trial.

Recommended reading

AI won’t replace penetration testers just yet

“Although other cybercriminals may continue to use the damaged Scattered Spider brand, the NCA’s action against Jubair and Flowers effectively halted the group’s criminal activity.”

National Crime Agency

The NCA added that an independent assessment backed that view, with Microsoft saying the arrests materially degraded the group’s ability to keep carrying out cybercriminal operations.

Best antivirus software header
Best antivirus software header
Sophia Reynolds

Security Editor

Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.

via TechRadar

// Keep reading