Two young members linked to the notorious Scattered Spider cybercrime group have admitted their role in the major cyber-attack that targeted Transport for London (TfL) in 2024. The case has drawn significant attention because the attack disrupted services used by millions of passengers and caused financial losses estimated at around £39 million. Authorities described the operation as one of the most serious cyber incidents to affect the UK’s transport network.
The hackers were identified as Thalha Jubair, 20, from East London, and Owen Flowers, 18, from Walsall. Both pleaded guilty to offences under the Computer Misuse Act during proceedings at Woolwich Crown Court. Investigators said the pair were associated with the Scattered Spider cybercrime group, which has been linked to several high-profile attacks in recent years.
The cyber-attack took place between August 29 and September 3, 2024, and affected several important TfL digital services. During the incident, passengers were unable to access live Tube arrival information through the TfL website and app. Payment services linked to Oyster cards and contactless systems were also disrupted, creating difficulties for commuters across London.
Investigators found that the attack also exposed customer information stored within TfL systems. Reports indicate that personal details belonging to thousands of customers were compromised, including names, addresses, contact information, and certain financial details connected to Oyster card accounts. TfL later contacted millions of customers to inform them about the incident and its possible impact.
Although London’s transport network continued operating, several online services experienced major disruptions. Customers temporarily lost access to online Oyster card functions, while related services such as journey-planning tools and Dial-a-Ride support were affected. TfL staff also had to undertake extensive security measures, including large-scale credential and password resets.
The investigation uncovered substantial digital evidence linking the pair to the attack. Authorities recovered recordings, screenshots, communications, and cryptocurrency assets believed to be connected to their activities. Officials noted that significant amounts of cryptocurrency were found despite the defendants having no obvious legitimate source of income.
Court proceedings also revealed that Owen Flowers admitted involvement in separate cyber intrusions targeting healthcare organizations in the United States. Meanwhile, Thalha Jubair had previously been linked to other cybercrime investigations involving major companies. Law enforcement agencies described the case as part of a growing trend of sophisticated cybercrime being carried out by young English-speaking threat actors.
The National Crime Agency said the case highlights the increasing threat posed by organized cybercrime groups such as Scattered Spider. Both defendants remain in custody and are expected to be sentenced in July 2026. Security experts believe the incident serves as a reminder that cyber-attacks can cause major financial damage and disrupt essential public services relied upon by millions of people every day.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
