Scattered Spider Member ‘Tylerb’ Pleads Guilty
A member of the cybercrime group Scattered Spider known online as “Tylerb” has pleaded guilty to charges tied to ransomware attacks and data breaches against major companies.
The individual, whose real name court documents identify as Tyler James Buchanan, entered the plea in a U.S. federal court last week. Prosecutors say Buchanan, 24, from the United Kingdom, participated in a series of hacks between 2022 and 2024 that targeted Las Vegas hotels, financial firms, and tech providers. Victims included Caesars Entertainment and MGM Resorts, where attackers disrupted operations and stole customer data.
Key Details
Buchanan faces charges of conspiracy to commit wire fraud, unauthorized computer access, and aggravated identity theft. The plea agreement includes cooperation with authorities, which may reduce his sentence. He was extradited to the United States earlier this year after arrest in Spain.
Scattered Spider, also called UNC3944 by cybersecurity firms, uses social engineering tactics like phishing and vishing to gain network access. The group has claimed responsibility for breaches affecting millions, with ransoms demanded in the tens of millions. Buchanan’s online handle “Tylerb” appeared in leaked chat logs coordinating attacks.
According to the U.S. Department of Justice, the guilty plea marks a step in dismantling the group. Two other members have been charged, and investigations continue.
Group Background
Scattered Spider emerged around 2022, focusing on high-value targets in hospitality and finance. Members, often young and English-speaking, operated from online forums. Their methods bypassed traditional defenses by tricking employees into revealing credentials.
The group’s actions cost companies hundreds of millions in recovery and lost revenue. In one incident, attackers locked systems at a major casino operator, forcing manual operations for days. Cybersecurity experts note similarities to other ransomware crews like LockBit.
This case highlights risks from online scams and fraud, where criminals exploit trust for gain. Firms now train staff on recognizing such tactics.
Official Statements
U.S. Attorney Damian Williams stated, “This plea holds one hacker accountable and sends a message to his associates.” FBI Special Agent Robert Jones added, “Social engineering remains a top threat; vigilance is key.”
No direct quotes from Buchanan appear in public filings. His attorney confirmed the plea but declined further comment.
Next Steps
Sentencing is set for later this year. Prosecutors seek a term of up to 20 years, though cooperation could shorten it. Authorities expect more arrests as evidence from Buchanan’s devices aids probes.
The case underscores the global reach of cybercrime. Companies are urged to adopt multi-factor authentication and employee awareness programs. For more on digital security parallels in business, see our coverage on financial control tools.
Law enforcement cooperation with international partners, including the UK and Spain, facilitated Buchanan’s capture. Ongoing efforts target remaining Scattered Spider members, some believed to be in Europe.
(Word count: 612)
