The high-wire act of cyber-sabotage has left Transport for London (TfL) reeling, with two teenagers handed substantial prison sentences for their role in a devastating hack that infiltrated the organisation's core IT systems. Thalha Jubair and Owen Flowers, both 19 at the time of the attack, pleaded guilty to the offence, which was carried out between 31 August and 3 September 2024, causing an estimated £39 million in damage.
Prosecutors revealed that the duo achieved "domain admin" status within TfL's systems – a position described as holding the "keys to the kingdom". At its peak, they possessed the capability to completely shut down and lock out TfL's entire network, putting millions of commuters' data at risk. The attack resulted in 27,000 TfL staff being forced to reset their passwords, with thousands more affected by disruption to services for disabled passengers.
Andy Lord, TfL's head, who has a background in British Airways, described the incident as the most severe he had encountered during his career. The hackers' actions were only brought to an end when TfL disconnected its systems from the internet, while they reportedly used their access to search for celebrity information in TfL's customer database.
Communicating via Telegram, the duo livestreamed the attack, with Jubair carrying out the hacking and Flowers watching on. Both teenagers were identified as key figures within a loose collective known as 'Scattered Spider', suspected of numerous cyber-attacks in recent years. The pair had amassed millions of dollars in cryptocurrency through their illicit activities.
During sentencing at Woolwich Crown Court, details emerged of Jubair's extensive history with computers and hacking, which began when he was introduced to the world of cybercrime by older individuals at just 13. He had previous convictions for 22 offences as a teenager, including fraud, unauthorised computer access, and blackmail.
Flowers, meanwhile, spent much of his youth gaming and participating in online chat forums – a common starting point for many who go on to engage in hacking activities. The pair's actions have left TfL reeling, with the organisation still coming to terms with the full extent of the damage caused by their cyber-attack.