Teenage TfL hackers sentenced to years in prison following Scattered Spider attacks
Two young men pleaded guilty to hacking into Transport for London in 2024
- Two UK men sentenced to 5 years and 6 months for the 2024 cyberattack on Transport for London, linked to the Scattered Spider group
- Police seized devices showing evidence of the TfL breach; Flowers was also mid‑attack on US healthcare firms SSM Health and Sutter Health at the time of arrest
- TfL reported $39M in damages; the NCA says the sentencing effectively dismantled Scattered Spider, with Microsoft confirming the arrests degraded the group’s operations
Two young men, one aged 20 and the other 18, have been sentenced to five years and six months in prison for their involvement in the cyberattack on Transport for London (TfL) in 2024.
Thalha Jubair, from East London, and Owen Flowers, from Walsall, West Midlands were arrested in 2025 under the suspicion that they were the leading members of Scattered Spider - an infamous hacking collective known for breaching dozens of companies. Initial reports from different cybersecurity organizations claimed the group consisted mostly of teenagers whose native language was English.
During the arrest, the police seized different types of electronic equipment from the suspects, including laptops, PCs, smartphones, hard drives, removable storage, and more. On one of the computers, law enforcement found screenshots and videos showing the intrusion into TfL’s systems.
Millions in damages
To make matters even worse, Flowers was in the middle of breaking into US healthcare companies SSM Health Care Corporation and Sutter Health when he was arrested: According to the National Crime Agency (NCA), these two were already “infiltrated and damaged”.
The attack on TfL was one of the more disruptive incidents that year, and one which caused a lot of financial damage, too. According to a report TfL shared with the City of London Police (CoLP), it suffered around $39 million in loss and recovery costs.
Both Jubair and Flowers initially pleaded not guilty and changed their pleas to guilty on the day they were due to stand trial, it was said. Now, they are both sentenced to more than five years in jail. The NCA says these arrests and sentencing effectively dismantled the notorious hacking collective.
“Although other cybercriminals may continue to use the damaged Scattered Spider brand, the NCA’s action against Jubair and Flowers effectively halted the group’s criminal activity,” the NCA said in its report.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“Independent assessment supports this, with Microsoft confirming that the arrests materially degraded the group's ability to continue conducting cybercriminal operations.”

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.