Key Takeaways:
- Two Scattered Spider hackers sentenced to 5.5 years in UK prison for TfL attack
- US prosecutors linked the group to $115M in crypto ransom from 47+ companies
- FBI seized $36M in crypto from Scattered Spider-linked wallets in July 2024
Key Takeaways:

Two members of the Scattered Spider cybercrime group were sentenced to five years and six months in prison in the UK on Thursday for their role in a 2024 attack on Transport for London that cost £29 million ($38.9 million) to remediate, as US prosecutors linked the group to collecting $115 million in crypto ransom payments from at least 47 American companies.
"The evidence revealed not only the sophistication and persistence of their attack but also the recklessness of those responsible," Lionel Idan, Chief Crown Prosecutor for the Serious Economic and Organised Crime Division at the Crown Prosecution Service, said in a statement. "Both defendants showed a staggering disregard for the consequences of their actions as their cyberattack led to TfL having to 'pull the plug' on their own network to protect it from wider disruption to the transport network."
Thalha Jubair, 20, and Owen Flowers, 18, pleaded guilty on June 22 at Woolwich Crown Court under Section 3ZA of the Computer Misuse Act 1990, which covers unauthorized acts that create a significant risk of serious damage to human welfare. Prosecutors said they were the first hackers successfully prosecuted under that section. The pair gained the highest level of access within TfL's systems during a four-day attack starting Aug. 31, 2024, leaving more than 140 systems inoperable and forcing the transport authority to take emergency action. Investigators recovered Telegram messages between the two discussing their actions, including threats to "nuke access" to the transport network.
The Scattered Spider group has been tied to at least 120 computer network intrusions, according to the US Department of Justice. In September 2023, the group breached Caesars Entertainment and stole a large customer database, prompting the casino operator to pay a $15 million ransom in Bitcoin. The FBI seized about $36 million worth of cryptocurrency from Scattered Spider-linked wallets in July 2024, the DOJ said. Flowers separately admitted to cyberattacks targeting two US healthcare providers, SSM Health and Sutter Health, and could face up to 95 years in prison in the United States if convicted on those charges.
The UK National Crime Agency said the convictions effectively halted the group's criminal activity, with Microsoft independently confirming that the arrests materially degraded the group's ability to continue operations. Other alleged members continue to face prosecution: Peter Stokes, a 19-year-old dual US-Estonian national, was recently extradited to the US, and Tyler Buchanan, a British national, pleaded guilty in a US court in April. The case underscores the growing cross-border coordination between UK and US law enforcement agencies targeting crypto ransomware groups that have extorted hundreds of millions of dollars from critical infrastructure operators, healthcare providers and financial institutions.
This article is for informational purposes only and does not constitute investment advice.