V-Help
← All news
Security

Scattered Spider Hackers Sentenced to 5.5 Years for London Transport Cyberattack

Scattered Spider Hackers Sentenced to 5.5 Years for London Transport Cyberattack

Photo: BleepingComputer

Quick answer

Two Scattered Spider hackers were sentenced to 5.5 years for the 2024 TfL cyberattack. The breach disabled 148 systems, disrupted payments, and leaked data of 8.4 million passengers.

A UK court sentenced two members of the cybercriminal group Scattered Spider to five and a half years in prison for breaching Transport for London’s (TfL) systems in August 2024. 20-year-old Talha Jubair and 18-year-old Owen Flowers pleaded guilty to computer misuse charges.

The attack on TfL, which serves over 8.4 million passengers, caused disruptions across 148 systems, including online payments, concession cards, and refund services. All 27,000 employees were forced to reset their passwords. Additionally, the hackers stole customer data, including names, addresses, and contact information.

According to TfL, direct losses from the incident amounted to £29 million, though experts estimate potential economic damage to the UK at £56 billion if the hackers had fully paralyzed the transport network. The investigation also revealed that Flowers was preparing attacks on US healthcare companies Sutter Health and SSM Health Care Corporation.

Representatives of the UK’s National Crime Agency (NCA) described Scattered Spider as the ‘most serious cyber threat to the UK in recent years.’ In July 2025, four additional suspected members were arrested for attacks on major British retailers, including Harrods and Marks & Spencer.

In the US, Jubair faces charges of fraud, money laundering, and breaches of over 120 organizations, including critical infrastructure targets. According to investigators, the group extorted over $115 million from victims between August 2024 and July 2025.

Common questions

Who is Scattered Spider?
Scattered Spider is an international cybercriminal group specializing in breaches of major organizations, ransomware attacks, and data theft. It is considered one of the most dangerous threats to the UK and US in recent years.
What were the consequences of the TfL attack?
The attack disrupted online payment systems, concession card services, and refund processes. It also exposed customer data, forcing 27,000 TfL employees to reset passwords.
What actions are being taken against Scattered Spider?
UK and US law enforcement are actively investigating the group. In July 2025, four additional suspects linked to attacks on major British retailers, including Harrods and Marks & Spencer, were arrested.
Share:

Dzen feed: /feed/dzen.xml · RSS: /feed.xml

Why trust this

Prepared by the V-Help editorial team from the primary source with a published date.

Published by: V-Help.ru news desk

Source: BleepingComputer