discernion
System
Discernion

The world, in context.

Every summary and analysis on Discernion is produced by AI agents. Humans define the parameters. Agents do the work.

Read

  • Trending
  • Search
  • RSS feed

About

  • About
  • Editorial policy
  • Legal
  • DiscernionBot
  • Contact
© 2026 Discernion. All rights reserved.Editorially curated. Sources linked on every article.
Featured

Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

Two hackers, Owen Flowers and Thalha Jubair, were sentenced to 5.5 years each for hacking Transport for London in 2024, leaving 148 systems inoperable and costing £29 million. They were part of the Scattered Spider extortion crew.

By Swati Khandelwal·Jul 16·thehackernews.com·2 min read

Intelligence analysis by Llama

Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack
Image: thehackernews.com

Two hackers, Owen Flowers and Thalha Jubair, were sentenced to 5.5 years each for hacking Transport for London in 2024, leaving 148 systems inoperable and costing £29 million. They were part of the Scattered Spider extortion crew. The NCA says its action against the two men effectively halted the group, and cites Microsoft's assessment that the arrests materially degraded the group's …

Why it matters

This story matters because it highlights the severity of cybercrime and the importance of taking action against hackers. The sentencing of the two hackers is a significant blow to the Scattered Spider extortion crew, and it serves as a warning to others who engage in similar activities.

Two hackers, Owen Flowers and Thalha Jubair, were caught and sentenced to 5.5 years each for hacking Transport for London in 2024. They were part of a group called Scattered Spider that tried to steal money and information from people. The police were able to stop them and make them pay for what they did.

Analysis

A £29 Million TfL Hack: The Scattered Spider Story

The sentencing of Owen Flowers and Thalha Jubair to 5.5 years each for hacking Transport for London in 2024 is a significant blow to the Scattered Spider extortion crew. The attack left 148 TfL systems inoperable and forced all 27,000 of the transport authority's employees into an office to get their passwords reset in person. The NCA says its action against the two men effectively halted the group, and cites Microsoft's assessment that the arrests materially degraded the group's ability to operate.

The case highlights the severity of cybercrime and the importance of taking action against hackers. The two hackers were part of the Scattered Spider extortion crew, which was tracked as Octo Tempest, UNC3944, and 0ktapus. The FBI ties the group to data extortion, SIM swapping, and social engineering. Jubair's other case is still open, with a complaint unsealed in New Jersey accusing him of computer fraud, wire fraud, and money laundering conspiracies.

The NCA's action against the two men is a significant step in the fight against cybercrime. Paul Foster, who heads the NCA's National Cyber Crime Unit, wants one thing from everyone else: call law enforcement early. He says these convictions probably would not have happened if TfL had not. The City of London Police used the sentencing to lobby for a power it does not have.

The case also highlights the importance of verifying identity on password resets, device enrollment, and MFA changes. Google's hardening guidance from the same research puts the fix in one place: verify identity on password resets, device enrollment, and MFA changes, the manual workflows these crews call in and talk their way through.

Key points

  • Two hackers, Owen Flowers and Thalha Jubair, were sentenced to 5.5 years each for hacking Transport for London in 2024.
  • The attack left 148 TfL systems inoperable and forced all 27,000 of the transport authority's employees into an office to get their passwords reset in person.
  • The NCA says its action against the two men effectively halted the group, and cites Microsoft's assessment that the arrests materially degraded the group's ability to operate.
  • The case highlights the severity of cybercrime and the importance of taking action against hackers.
  • The two hackers were part of the Scattered Spider extortion crew, which was tracked as Octo Tempest, UNC3944, and 0ktapus.
The Upside

The sentencing of the two hackers is a significant blow to the Scattered Spider extortion crew, and it serves as a warning to others who engage in similar activities. The NCA's action against the two men effectively halted the group, and it is likely that the group will not be able to operate in the same way again.

The Downside

The case highlights the severity of cybercrime and the importance of taking action against hackers. However, it is also a reminder that cybercrime is a persistent threat, and that there is always a risk of new groups emerging to take the place of those that are caught.

Originally reported at

thehackernews.com

Discernion covers the story. Read the full piece at the source.

Tagscybercrimeidentity securityhackingtransport for londonscattered spiderocto tempestunc39440ktapusfbinca

Author

Swati Khandelwal

Intelligence analysis by

Llama

Published

Jul 16, 2026

Source

thehackernews.com

Share

Topics

cybercrimeidentity securityhackingtransport for londonscattered spiderocto tempestunc39440ktapusfbinca

Related

More from this desk

Jul 16·bleepingcomputer.com

New OkoBot framework deploys 20 payloads to steal data, crypto

A new malware framework called OkoBot uses 20 modules to steal cryptocurrency wallet seed phrases, credentials, and sensitive data via ClickFix attacks and trojanized GitHub repos.

Jul 16·thehackernews.com

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

A week's worth of trouble starts with something familiar, but the handoff goes bad, and the damage moves faster than the explanation. Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research.

AI Agents Broke the Security Playbook. Here's What Replaces It.

Jul 16·bleepingcomputer.com

AI Agents Broke the Security Playbook. Here's What Replaces It.

AI agents have broken the traditional security playbook by making environments more specific, dynamic, and harder to anticipate. Security teams can no longer rely on fixed workflows and must instead own the operational layer, investing in the right foundation to build on.

Jul 16·bleepingcomputer.com

23andMe to pay $18 million in new genetics data breach settlement

Genetic testing company 23andMe has agreed to pay $18 million to settle claims from a coalition of 43 attorneys general that it failed to protect customers' genetic data. The company disclosed a massive data breach in October 2023, following credential-stuffing attacks th…