This week, two individuals associated with the cybercrime group Scattered Spider entered guilty pleas in the United Kingdom, admitting to their roles in a significant cyberattack on Transport for London in August 2024. Owen Flowers, aged 18, and 20-year-old Thalha Jubair, were charged with conspiring to infiltrate the transportation entity's computer systems, posing a serious threat to public safety.
Both men were expected to face a lengthy trial, which was set to last six weeks. In addition to the London attack, Flowers confessed to being part of a conspiracy aimed at breaching U.S. healthcare providers, including SSM Health Care Corporation and Sutter Health, in September 2024. Meanwhile, Jubair is also being pursued by law enforcement in the U.S.
Federal prosecutors in New Jersey revealed an indictment in September 2025, which implicated Jubair and other members of Scattered Spider in over 120 computer network intrusions affecting 47 U.S. entities from May 2022 to September 2025, with ransom payments exceeding $115 million. Reports indicate that both men were previously arrested in July 2025 for ransom attacks targeting major retailers such as Marks & Spencer and Harrods.
Jubair reportedly co-managed a Telegram channel named Star Chat, which facilitated SIM-swapping schemes that involved phishing tactics to steal credentials from employees at major telecommunications companies. This operation enabled the group to redirect victims' phone numbers, allowing attackers to intercept calls and messages, including vital authentication codes.