Dernière minute
RUБелгород и Белгородский округ вновь подверглись ракетной атаке ВСУFREmmanuel Macron condamne les attaques racistes contre Kylian MbappéRUЗеленский потребовал от ЕС и НАТО поделиться технологиями производства ракетITSquadre USA di ricerca e soccorso concludono missione in VenezuelaITRoberto Martínez annuncia: "È la mia ultima partita con il Portogallo"ARإسبانيا تطيح بالبرتغال، والنرويج تتأهل لأول مرة في تاريخها بكأس العالمAUAlcoa's $8.1B Deal Could Unlock Jarrah Forests for Bauxite Mining, Environmentalists WarnCN法国总统马克龙访问叙利亚,寻求加强经济合作与地区和平CNUS-China Financial Ties: Deeply Entangled Despite RivalryKR에볼라, '아프리카'가 아닌 '제도'의 문제…신뢰 기반 파트너십 필요RUБелгород и Белгородский округ вновь подверглись ракетной атаке ВСУFREmmanuel Macron condamne les attaques racistes contre Kylian MbappéRUЗеленский потребовал от ЕС и НАТО поделиться технологиями производства ракетITSquadre USA di ricerca e soccorso concludono missione in VenezuelaITRoberto Martínez annuncia: "È la mia ultima partita con il Portogallo"ARإسبانيا تطيح بالبرتغال، والنرويج تتأهل لأول مرة في تاريخها بكأس العالمAUAlcoa's $8.1B Deal Could Unlock Jarrah Forests for Bauxite Mining, Environmentalists WarnCN法国总统马克龙访问叙利亚,寻求加强经济合作与地区和平CNUS-China Financial Ties: Deeply Entangled Despite RivalryKR에볼라, '아프리카'가 아닌 '제도'의 문제…신뢰 기반 파트너십 필요
Newsgather
BackTwo British Hackers Plead Guilty in £39m Transport for London Cyber-Attack
Two British Hackers Plead Guilty in £39m Transport for London Cyber-Attack
En développement
Guardian UK22.06.2026Crime4 dk okumaUnited Kingdom

Two British Hackers Plead Guilty in £39m Transport for London Cyber-Attack

L'essentiel

  • Two British members of the Scattered Spider hacking group, Thalha Jubair and Owen Flowers, pleaded guilty to a cyber-attack on Transport for London that cost £39m and affected 10 million people.
  • The attack disrupted services and led to customer data theft.

Résumé généré par IA

Pourquoi c'est important

Two British cybercriminals, part of the Scattered Spider group, have pleaded guilty to a significant cyber-attack on Transport for London. The attack caused substantial financial loss and impacted millions of customers.

Taille de police

Two British cybercriminals from the Scattered Spider hacking group have pleaded guilty to a cyber-attack on Transport for London in 2024 that cost £39m and affected 10 million people.

Thalha Jubair, 20, and Owen Flowers, 18, pleaded guilty to offences under the Computer Misuse Act at Woolwich crown court on Monday.

The National Crime Agency (NCA) said the duo were part of an online hacking community known as Scattered Spider, suspected of carrying out a series of attacks in recent years. TfL, the London mayor’s transport authority, handles up to 5m passenger journeys a day on the underground alone.

TfL said it had emailed more than 7 million customers in September 2024 “to inform them about the incident” and tell them that “some customer data may have been taken”. The BBC has reported that 10 million TfL customers had their data stolen.

The attack, which took place between 29 August and 3 September 2024, prevented live tube arrival information from appearing on the TfL Go app and the TfL website, while TfL was also unable to process any payments on the Oyster and contactless apps or to register Oyster cards to customer accounts. The cyber-attack cost TfL £39m.

Jubair, of Bow, east London, and Flowers, of Walsall, West Midlands, both admitted conspiring to commit unauthorised acts against computer systems belonging to TfL, causing risk of serious damage to human welfare.

Flowers alone also admitted hacking two US healthcare companies. He admitted conspiring to commit unauthorised acts against computer systems belonging to SSM Health Care Corporation and attempting to commit unauthorised acts against computer systems belonging to Sutter Health, on or about 6 September 2024.

The pair entered their guilty pleas on the first day of what was due to be a six-week trial. Mr Justice Turner remanded Jubair – wearing glasses in a grey suit, shirt and tie – and Flowers – wearing glasses in a blue sweater and grey tracksuit bottoms – in custody before a two-day sentencing hearing on 15 July.

Jubair has also been accused by the US Department of Justice of involvement in a series of cyber-attacks that targeted 47 US organisations and garnered more than $100m (£75m) in ransom payments.

Flowers denied two further hacking charges and they were ordered to lie on file.

Paul Foster, the head of the NCA’s national cyber crime unit, said the TfL incident underlined the growing threat from homegrown and English-speaking hackers. Typically, crippling hacks on high-profile public and private organisations have been carried out by Russian speaking hackers or assailants based in the former Soviet Union.

“The profile of offenders like Flowers and Jubair demonstrates the increasing threat from cybercriminals based in the UK and other English-speaking countries, epitomised by Scattered Spider,” he said.

The NCA said Flowers and Jubair were both “members of the online criminal collective known as Scattered Spider”, a moniker assigned to the loose collective by cybersecurity analysts.

The NCA said the hackers had accessed TfL’s refunds system leaving some customers out of pocket for much longer than usual. The attack also shut the application system for Oyster photocards for children and young people.

Foster added that the damage showed cybercrime has “real-world consequences and impacts hugely on the public” despite appearing to be “faceless and distant” compared with other crimes.

Investigators found a number of devices at Flowers’ West Midlands home including laptops, hard drives and USB sticks. One laptop contained a screen shot showing network connectivity to TfL infrastructure.

The laptop also contained a number of videos that Flowers had recorded, showing Jubair accessing TfL systems during the attack. The pair were using the Telegram messaging platform to communicate with each other and also communicated through an online tool where multiple participants can work together remotely.

A previous hearing was told that $10m was moved from Jubair’s crypto wallets after he was released from custody in March last year and $200m worth of crypto had also moved through accounts belonging to him. An earlier hearing was also told Flowers held $7.1m including crypto in accounts he controlled, despite having no source of income.

Both defendants have been diagnosed with autism and Jubair also suffers from depression and a severe mood disorder.

Jubair has convictions involving 22 offences, 13 counts of fraud, two of unauthorised access to a computer, one count of obtaining access to a computer and one count of blackmail.

He was subject to a youth rehabilitation order at the time of the TfL offences, which came from his hacking of BT and EE as well as computer chip company Nvidia, which he was convicted for at 17.

Jubair also had a Bangladeshi passport, which he had not declared to the police and which they found hidden down the back of the sofa at his home.

À surveiller

Perspective IA — des possibilités, pas des certitudes

  • Sentencing of Jubair and Flowers on July 15th.

    Très probable · En quelques semaines

Questions ouvertes

  • Extent of customer data compromised?
  • Full scope of Scattered Spider's activities?
  • Future preventative measures by TfL?

Sujets liés

This article was originally published by Guardian UK.

Articles liés

Plus sur ce sujetcybercrime