Scattered Spider Teen Hackers Who Threatened to 'Nuke' TfL Access Jailed, Face 95 Years in US
Two teen hackers who threatened to 'nuke' TfL access face potential US penalties of up to 95 years.

Eighteen-year-old Owen Flowers and 19-year-old Thalha Jubair, hackers linked to the Scattered Spider cybercrime group, were sentenced to five and a half years in prison on Thursday after pleading guilty to breaching Transport for London's (TfL) systems.
The pair carried out the attack between 31 August and 3 September 2024, gaining the highest level of access within TfL's systems, leaving more than 140 systems inoperable and forcing the transport authority to take emergency action, the Crown Prosecution Service said.
Flowers also admitted cyberattacks targeting two US healthcare providers, SSM Health and Sutter Health, and could face up to 95 years in prison in the United States if convicted on those charges.
Hackers Reached TfL's Highest-Level Access
Flowers and Jubair gained access to TfL's internal systems during a four-day cyberattack in September 2024, prosecutors said.
Investigators recovered Telegram messages between the pair discussing their actions, including threats to 'nuke access' to the transport network. The CPS said the hackers' actions created a significant risk of serious damage to human welfare and could have caused billions of pounds in economic losses.
TfL responded by shutting down parts of its network to prevent further disruption. The recovery operation cost the transport authority £29 million and left more than 140 systems unavailable.
Lionel Idan, Chief Crown Prosecutor for the Serious Economic and Organised Crime Division, said the attack demonstrated the risks posed by criminals targeting critical infrastructure.
'The evidence revealed not only the sophistication and persistence of their attack but also the recklessness of those responsible,' Idan said.
'Both defendants showed a staggering disregard for the consequences of their actions as their cyberattack led to TfL having to "pull the plug" on their own network to protect it from wider disruption to the transport network.'
TfL Attack Put Millions Of Records At Risk
During the breach, the hackers accessed sensitive TfL systems and extracted information linked to millions of Oyster card holders, prosecutors said.
TfL oversees around nine million passenger journeys each day, and authorities said a successful attempt to disable key systems could have caused significant disruption across London's transport network.
The pair pleaded guilty to offences under Section 3ZA of the Computer Misuse Act 1990, which covers unauthorised acts that cause, or create a significant risk of causing, serious damage to human welfare.
The CPS said Flowers and Jubair were the first hackers to be successfully prosecuted under the section. The investigation found that Flowers had been connected to a remote server used to launch the attack against TfL, as well as attacks targeting US healthcare organisations.
Evidence linking Jubair to the TfL breach was obtained through international co‑operation with overseas law enforcement partners.
Two young men have been sentenced for launching a cyber attack on Transport for London (TfL) which cost tens of millions of pounds in losses and inconvenienced thousands of customers.
— National Crime Agency (NCA) (@NCA_UK) July 16, 2026
Thalha Jubair and Owen Flowers were identified by the NCA and @CityPolice following the attack… pic.twitter.com/ZJdmdZhXRJ
Scattered Spider's Global Cybercrime Network
Flowers and Jubair claimed links to Scattered Spider, an English-speaking hacking collective that cybersecurity researchers believe has been involved in hundreds of attacks between 2022 and 2025.
The group has been associated with attacks against major organisations, often using social engineering techniques, stolen credentials and SIM-swap attacks to gain access to internal systems.
The FBI said the convictions represented a significant step in holding members of the group accountable.
FBI Cyber Division Assistant Director Brett Leatherman said: 'Today's announcement represents a significant step in holding accountable two members of Scattered Spider, a group that has repeatedly relied on data extortion, SIM-swap attacks, and other social engineering techniques to infiltrate networks and undermine critical services.'
'The FBI commends the National Crime Agency for its exceptional work. We will continue to work alongside our global law enforcement partners to investigate cybercriminal actors, disrupt their activities, and hold them accountable.'
Flowers separately admitted offences linked to attacks against US healthcare providers SSM Health and Sutter Health.
Prosecutors said he threatened to lock down the systems despite acknowledging in private messages that the consequences could affect patients. The CPS said Flowers was stopped before he could execute the attack.
International Probe Targets Scattered Spider
The prosecution involved co‑operation between UK authorities and international partners to gather evidence against the two hackers.
The CPS said the case showed how cybercrime investigations require international co‑operation as criminal groups target organisations across borders. Flowers and Jubair had claimed involvement with Scattered Spider during online conversations, investigators said.
© Copyright IBTimes 2025. All rights reserved.

























