Sunday, July 19, 2026

Scattered Spider hackers sentenced after hack linked to MGM

Two British members of the Scattered Spider cybercrime collective who helped perform the 2024 cyberattack on Transport for London have been sentenced to five-and-a-half years in jail, bringing to a detailed what the UK’s Nationwide Crime Company described because the nation’s greatest cybercrime prosecution to achieve the courts.

Whereas the Transport for London (TfL) breach was the main focus of the prosecution, the case additionally gives one of many clearest public hyperlinks but between people convicted within the UK and the cybercrime group chargeable for a few of the most disruptive ransomware incidents in recent times, together with the assaults on MGM Resorts Worldwide and Caesars Leisure in Las Vegas.

Thalha Jubair, 20, and Owen Flowers, 18, pleaded responsible final month earlier than being sentenced at Woolwich Crown Court docket on Thursday. Prosecutors mentioned the pair infiltrated TfL’s programs between Aug. 31 and Sept. 3, 2024, forcing the transport operator to reset passwords for roughly 28,000 staff, disrupting a number of buyer companies and leaving the group with about £29 million in restoration prices.

Authorities mentioned the hackers gained in depth administrative entry after utilizing social engineering strategies to compromise worker credentials. Investigators recovered recordings, screenshots, chat logs and different digital proof tying the pair to the intrusion.

The NCA described the defendants as members of Scattered Spider and mentioned the Transport for London investigation was “prolonged, extremely complicated and painstaking.”

“The perseverance and meticulousness of our officers, and the work of our associate organisations, meant that Jubair and Flowers had no possibility apart from to plead responsible and take accountability for his or her offending,” mentioned Paul Foster, deputy director and head of the NCA’s Nationwide Cyber Crime Unit.

“The profile of offenders like Flowers and Jubair demonstrates the growing risk from cyber criminals based mostly within the UK and different English-speaking international locations, epitomised by Scattered Spider.”

Foster added: “That is why we work carefully with companions at house and overseas to determine offenders inside these networks and convey them to justice.”

TfL case exposes Scattered Spider community assault towards MGM and Caesars

The case is regarded as vital past the TfL assault as a result of each males have been recognized by the Nationwide Crime Company as members of Scattered Spider, a free community of primarily English-speaking hackers identified for concentrating on main companies by assist desk impersonation, SIM-swapping and different social engineering techniques.

The identical group attracted worldwide consideration in September 2023 after breaching MGM Resorts Worldwide, triggering widespread outages that disabled resort room keys, slot machines, cost programs and different operations throughout its on line casino properties. Caesars Leisure was additionally compromised throughout the identical marketing campaign after attackers allegedly stole buyer knowledge. These incidents established Scattered Spider as some of the succesful financially motivated cybercrime teams working towards massive enterprises.

Safety researchers say Scattered Spider will not be a conventional organized gang however a free assortment of hackers linked by an underground on-line ecosystem often called “The Com.” 

In response to KrebsOnSecurity, members collaborate throughout Telegram and Discord communities, sharing strategies, recruiting accomplices and coordinating assaults. The publication additionally reported that some contributors in these communities have been linked to on-line “hurt teams” concerned in stalking, harassment, sextortion, doxing and coercing weak victims into self-harm.

The outlet additionally states that the responsible pleas represented the primary time key members of the group publicly admitted accountability in a significant prison case. The report famous that Flowers individually admitted collaborating in conspiracies concentrating on U.S. healthcare suppliers SSM Well being and Sutter Well being.

Though prosecutors centered on the TfL intrusion, investigators have described the case as proof of the rising risk posed by younger, English-speaking cybercriminals working from the UK. 

The Nationwide Crime Company mentioned the prosecution demonstrates its wider effort to determine and dismantle members of Scattered Spider working alongside worldwide legislation enforcement companions, such because the FBI. The sentencing additionally comes as authorities and safety researchers proceed investigating the broader ecosystem surrounding the group, together with hyperlinks to cybercrime, SIM-swapping and on-line harassment communities which have helped gas a few of the most high-profile assaults towards main firms in recent times.

Featured picture: Nationwide Crime Company



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles