×
google news

Scattered Spider Members Jailed for Disrupting London’s Transport Systems

Two young hackers, members of the notorious Scattered Spider group, have been sentenced for a cyberattack on Transport for London that caused millions in damages.

Scattered Spider Members Jailed for Disrupting London's Transport Systems

The cyber world witnessed a significant event last year when two young hackers, Owen Flowers and Thalha Jubair were sentenced for their roles in a massive cyberattack on Transport for London (TfL). The attack, which occurred between 31 August and 3 caused substantial financial losses and disrupted essential services for thousands of Londoners.

The pair, described as computer-obsessed loners were part of the notorious hacking group Scattered Spider which has been linked to several high-profile cyberattacks. Their actions not only highlighted the vulnerabilities in critical infrastructure but also raised questions about the grooming of young hackers by older criminals.

The Cyberattack and Its Impact

The cyberattack on TfL was particularly devastating, costing the organization £29 million in recovery costs and an estimated £10 million in lost revenue. The hackers compromised the accounts of 28,000 employees and exported about six million lines of data.

The disruption affected various services, including the Dial-a-Ride booking service the provision of concessionary travel cards, and the digital payments channel.

The attack also delayed the extension of contactless ticketing and left some customers out of pocket for longer than usual due to issues with the Oyster refund system. The incident highlighted the critical role of cybersecurity in protecting essential services and the potential economic impact of such attacks.

The Hackers’ Background and Motives

Thalha Jubair who has autism spectrum disorder was described as a modern-day Oliver Twist by his defence team. Raised in a tower block in Tower Hamlets Jubair developed an interest in computing from an early age. His defence argued that he was groomed and exploited by older criminals, driven by curiosity and a desire for validation online.

Owen Flowers the younger of the pair, had a difficult upbringing and lived with his grandmother in Walsall. Like Jubair, he had no friends outside of the online world and was described as immature and neurodivergent. Both hackers were members of Scattered Spider a group known for its sophisticated cyberattacks on major companies and institutions.

The Investigation and Arrest

The investigation into the cyberattack was led by the National Crime Agency (NCA) and the City of London Police (CoLP). The hackers were arrested at their home addresses on 16 September last year. The NCA’s action effectively halted the group’s criminal activity, with Microsoft confirming that the arrests materially degraded the group’s ability to continue operations.

The hackers were identified after Jubair made a simple mistake: ordering a takeaway using food delivery gift vouchers purchased with a cryptocurrency wallet hosted on the same server used to store tens of millions of dollars’ worth of Bitcoin paid in ransoms. This digital trail led detectives to his address in Bow, London.

The Legal Proceedings and Sentencing

Jubair and Flowers pleaded guilty to the attack under the Computer Misuse Act (CMA) specifically Section 3ZA which applies to unauthorised acts causing significant risk of serious damage. They were sentenced to five years and six months in prison at Woolwich Crown Court on 16 July 2026.

The sentencing highlighted the seriousness of cybercrime and the need for robust legal measures to combat it. Deputy Director Paul Foster of the NCA’s National Cyber Crime Unit emphasized the significance of the prosecution, stating that it was the largest cybercrime prosecution ever brought before the UK courts.

The case also underscored the importance of early engagement with law enforcement in such incidents. Andy Lord, London’s Transport Commissioner, thanked the NCA and other partners for their investigations and emphasized the importance of continually monitoring systems to ensure only authorized access.

The sentencing of Jubair and Flowers serves as a stark reminder of the potential consequences of cybercrime and the need for vigilance in protecting critical infrastructure. It also highlights the importance of addressing the underlying issues that make young individuals vulnerable to grooming by cybercriminals.

World Cup 2026

Upcoming matches

Sat 18 Jul
France
22:00BSTThird place
England
Sun 19 Jul
Spain
20:00BSTFinal
Argentina

Results

Wed 15 Jul
England
12FT · Semi-finals
Argentina
Tue 14 Jul
France
02FT · Semi-finals
Spain
Updated 20:08 BST

Contacts:
Jordan Wells

Jordan Wells covers Pride, policy and the cultural arc with equal seriousness. Reports on legislation, films, and the writers reshaping queer narrative today.