Two youngsters, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the UK.
Believed to be members of the infamous Scattered Spider hacking collective, 18-year-old Owen Flowers from Walsall and 19-year-old Thalha Jubair from East London are scheduled to look at Westminster Magistrates Courtroom in the present day.
Flowers was beforehand arrested for his alleged involvement within the TfL assault in September 2024, however was launched on bail after being questioned by officers of the UK Nationwide Crime Company.
Since then, NCA investigators have discovered extra proof probably linking Flowers to assaults in opposition to U.S. healthcare corporations.
The 2 suspects are being prosecuted for laptop misuse and fraud-related expenses linked to an investigation into the breach of London’s public transportation company. Moreover, Flowers faces expenses for conspiring to assault the networks of SSM Well being Care Company and Sutter Well being in the USA.
“This assault triggered important disruption and tens of millions in losses to TfL, a part of the UK’s vital nationwide infrastructure,” mentioned Deputy Director Paul Foster, the pinnacle of the NCA’s Nationwide Cyber Crime Unit.
“Earlier this 12 months, the NCA warned of a rise within the risk from cyber criminals primarily based within the UK and different English-speaking international locations, of which Scattered Spider is a transparent instance.”
The U.S. Division of Justice additionally charged Thalha Jubair in the present day with conspiracies to commit laptop fraud, cash laundering, and wire fraud, in relation to no less than 120 community breaches and extortion assaults worldwide between Might 2022 and September 2025, which affected no less than 47 U.S. organizations.
The grievance, filed within the District of New Jersey and unsealed in the present day, alleges that victims have paid Jubair and his accomplices no less than $115,000,000 in ransom funds.
The Transport for London cyberattack
TfL disclosed the August 2024 cyberattack on September 2, 2024, stating that it had not discovered proof that any buyer information was compromised within the breach.
Whereas the assault didn’t have an effect on London’s transportation providers, it did disrupt inner programs and on-line providers, in addition to TfL’s skill to course of refunds. In a subsequent replace, TfL revealed that buyer information, together with names, contact particulars, and addresses, had truly been compromised throughout the incident.
TfL gives transportation providers to over 8.4 million Londoners by means of its floor, underground, and Crossrail transport programs, collectively managed with the UK’s Division for Transport.
In Might 2023, TfL was the sufferer of one other safety breach after the Clop ransomware gang stole information belonging to over 13,000 clients from certainly one of its suppliers’ MOVEit Managed File Switch (MFT) servers.
The NCA arrested 4 different suspected members of the Scattered Spider cybercrime collective in July, believed to be concerned in cyberattacks focusing on main retailers within the nation, together with Marks & Spencer, Harrods, and Co-op.
46% of environments had passwords cracked, practically doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and information exfiltration developments.
