Saturday, July 18, 2026
HomeTechnologyScattered Spider hackers sentenced after hack linked to MGM

Scattered Spider hackers sentenced after hack linked to MGM

Two British members of the Scattered Spider cybercrime collective who helped perform the 2024 cyberattack on Transport for London have been sentenced to five-and-a-half years in jail, bringing to a detailed what the UK’s Nationwide Crime Company described because the nation’s greatest cybercrime prosecution to achieve the courts.

Whereas the Transport for London (TfL) breach was the main target of the prosecution, the case additionally supplies one of many clearest public hyperlinks but between people convicted within the UK and the cybercrime group accountable for among the most disruptive ransomware incidents lately, together with the assaults on MGM Resorts Worldwide and Caesars Leisure in Las Vegas.

Thalha Jubair, 20, and Owen Flowers, 18, pleaded responsible final month earlier than being sentenced at Woolwich Crown Courtroom on Thursday. Prosecutors stated the pair infiltrated TfL’s techniques between Aug. 31 and Sept. 3, 2024, forcing the transport operator to reset passwords for roughly 28,000 staff, disrupting a number of buyer companies and leaving the group with about £29 million in restoration prices.

Authorities stated the hackers gained in depth administrative entry after utilizing social engineering methods to compromise worker credentials. Investigators recovered recordings, screenshots, chat logs and different digital proof tying the pair to the intrusion.

The NCA described the defendants as members of Scattered Spider and stated the Transport for London investigation was “prolonged, extremely advanced and painstaking.”

“The perseverance and meticulousness of our officers, and the work of our associate organisations, meant that Jubair and Flowers had no choice aside from to plead responsible and take accountability for his or her offending,” stated Paul Foster, deputy director and head of the NCA’s Nationwide Cyber Crime Unit.

“The profile of offenders like Flowers and Jubair demonstrates the rising risk from cyber criminals primarily based within the UK and different English-speaking international locations, epitomised by Scattered Spider.”

Foster added: “For this reason we work carefully with companions at residence and overseas to establish offenders inside these networks and produce them to justice.”

TfL case exposes Scattered Spider community assault towards MGM and Caesars

The case is considered vital past the TfL assault as a result of each males had been recognized by the Nationwide Crime Company as members of Scattered Spider, a free community of primarily English-speaking hackers recognized for focusing on main firms by way of assist desk impersonation, SIM-swapping and different social engineering techniques.

The identical group attracted worldwide consideration in September 2023 after breaching MGM Resorts Worldwide, triggering widespread outages that disabled resort room keys, slot machines, cost techniques and different operations throughout its on line casino properties. Caesars Leisure was additionally compromised throughout the identical marketing campaign after attackers allegedly stole buyer information. These incidents established Scattered Spider as one of the crucial succesful financially motivated cybercrime teams working towards giant enterprises.

Safety researchers say Scattered Spider just isn’t a conventional organized gang however a free assortment of hackers related by way of an underground on-line ecosystem often called “The Com.” 

In line with KrebsOnSecurity, members collaborate throughout Telegram and Discord communities, sharing methods, recruiting accomplices and coordinating assaults. The publication additionally reported that some members in these communities have been linked to on-line “hurt teams” concerned in stalking, harassment, sextortion, doxing and coercing susceptible victims into self-harm.

The outlet additionally states that the responsible pleas represented the primary time key members of the group publicly admitted accountability in a significant felony case. The report famous that Flowers individually admitted taking part in conspiracies focusing on U.S. healthcare suppliers SSM Well being and Sutter Well being.

Though prosecutors centered on the TfL intrusion, investigators have described the case as proof of the rising risk posed by younger, English-speaking cybercriminals working from the UK. 

The Nationwide Crime Company stated the prosecution demonstrates its wider effort to establish and dismantle members of Scattered Spider working alongside worldwide regulation enforcement companions, such because the FBI. The sentencing additionally comes as authorities and safety researchers proceed investigating the broader ecosystem surrounding the group, together with hyperlinks to cybercrime, SIM-swapping and on-line harassment communities which have helped gasoline among the most high-profile assaults towards main corporations lately.

Featured picture: Nationwide Crime Company


RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments