Redazione RHC : 19 September 2025 12:11
Two young men involved in the Scattered Spider group have been charged as part of the National Crime Agency investigation into a cyber attack on Transport for London (TfL). On August 31, 2024, TfL was the subject of a network intrusion that investigators believe was carried out by members of the criminal collective.
Thalha Jubair, 19, from East London, and Owen Flowers, 18, from Walsall, West Midlands, were arrested on Tuesday (September 16) at their home addresses by the NCA and City of London Police.
Both appeared today (September 18) at Westminster Magistrates Court, after the Crown Prosecution Service authorised their charges of conspiracy to commit unauthorised acts against TfL under the Computer Misuse Act. Act.
Flowers was initially arrested for the attack on TfL on September 6, 2024, at which point NCA officers identified further potential evidence of crime against US healthcare companies. Therefore, Flowers has now also been charged with conspiring with others to infiltrate and damage the networks of SSM Health Care Corporation and attempting to do the same to the networks of Sutter Health, both based in the United States.
Jubair has also been charged under RIPA for failing to disclose the PIN or passwords for devices that were seized from him. Flowers and Jubair have been remanded in custody and are both due to appear at Southwark Crown Court on October 16, 2025. Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said:
“Today’s charges represent a critical step in what has been a long and complex investigation. This attack has caused significant disruption and millions in losses to TfL, part of the UK’s critical national infrastructure. Earlier this year, the NCA raised the alarm about an increased threat posed by cybercriminals based in the UK and other countries. English-speaking communities, of which Scattered Spider is a prime example. The NCA, UK Police, and our international partners, including the FBI, are collectively committed to identifying offenders within these networks and ensuring they are brought to justice.
The NCA’s investigation was also supported by the West Midlands Regional Organized Crime Unit and the British Transport Police.
Adam Meyers, Head of Counter-Adversary Operations, CrowdStrike reported:
“The arrests of SCATTERED SPIDER members represent a significant blow to one of the most disruptive eCrime groups operating today. Since emerging in 2022, SCATTERED SPIDER has conducted increasingly aggressive ransomware and extortion campaigns across a number of verticals. This coordinated law enforcement action will likely degrade SCATTERED SPIDER’s operations in the near term. More importantly, it sends a message: cybercriminals who aggressively extort and disrupt are not beyond reach. But this isn’t just about arrests — it demonstrates the impact of strong public-private collaboration — when law enforcement and industry share intelligence and act decisively, we can disrupt operations that are inflicting real damage on global businesses.”
Hannah Von Dadelszen, Chief Crown Prosecutor for the Crown Prosecution Service, said:
“The Crown Prosecution Service has decided to prosecute Thalha Jubair and Owen Flowers on charges of computer abuse and fraud, following an investigation by the National Crime Agency into a cyber attack on the Transport for London network. Our prosecutors have worked to establish that there is sufficient evidence to bring the case to court and that it is in the public interest to pursue a criminal prosecution. We have worked closely with the National Crime Agency throughout the investigation. investigations.”
Victims of cybercrime should use the government website Cyber Incident Signposting for guidance on where to report an incident. The Cyber Choices program helps people make informed choices about using their cyber skills legally. Visit www.cyberchoices.uk.
Redazione