Two teenagers plead not guilty to carrying out TfL cyber attack - My London

Two teenagers have pleaded not guilty in connection with a major cyber attack targeting Transport for London (TfL). The defendants, Thalha Jubair, 19, and Owen Flowers, 18, were arrested last September following a joint investigation by the National Crime Agency (NCA) and the City of London Police. Both face charges of conspiring to carry out unauthorised acts against TfL, with the cyber attack allegedly causing significant financial damage and widespread disruption. Court proceedings revealed that the cyber attack resulted in losses estimated at £39 million for TfL. Additionally, the incident caused a "loss of livelihood" for individuals who depend on TfL licenses for their work. The Westminster Magistrates' Court heard that the attack posed a "significant risk" not only to TfL but also to the broader UK economy and the daily lives of Londoners who rely on the transport network. Owen Flowers, who hails from Walsall in the West Midlands, faces further allegations. He was initially arrested over the TfL attack in September 2024 and was taken into custody again in September this year. Alongside the TfL-related charges, Flowers is accused of conspiring to carry out unauthorised cyber attacks against US healthcare organizations, specifically SSM Health Care Corporation and Sutter Health. These additional allegations suggest a wider scope of cybercriminal activity. Thalha Jubair, from Tower Hamlets in East London, also faces an extra charge under the Regulation of Investigatory Powers Act (RIPA) for failing to disclose passwords or PINs for his devices when requested. Both defendants appeared at Southwark Crown Court where they entered pleas of not guilty to all charges. A trial date has been set for June 8, with a pre-trial review scheduled for February 13. Investigations by the NCA have linked the TfL cyber attack to a criminal hacking group known as Scattered Spider. This collective has been connected to other high-profile cyber incidents, including attacks on Jaguar Land Rover and prominent retailers such as Marks and Spencer. TfL confirmed that the cyber breach occurred on September 1 last year, during which sensitive customer data was accessed. This data included names, contact details, and Oyster card refund information, which also contained bank details. The case highlights growing concerns around cybersecurity vulnerabilities in critical transport infrastructure and the far-reaching consequences cyber attacks can have on both public services and the economy. As the legal process unfolds, attention remains on how authorities will manage these emerging digital threats and protect vital systems in the future.