A British man, Tyler Robert Buchanan (24), has admitted to a years-long hacking campaign that brought in millions by targeting individual victims and companies in the United States, according to the US Department of Justice (DOJ).
Authorities say the defendant breached into corporate networks, accessed sensitive systems, and then turned that access into profit by stealing data and crypto assets. The activity ran over several years (from September 2021 to April 2023) and targeted organizations that depended on cloud services and internal tools for daily operations.
From the details released, the hacker relied on leaked or compromised employee login credentials and used malicious text messages with phishing links, known as SMS phishing, to gain access and move through company systems without detection. Once inside, he was able to extract data, including customer information and proprietary material, and in some cases monetize access itself.
The DOJ’s press release estimates that losses were at least $8 million, a figure that includes stolen cryptocurrency and revenue linked to unauthorized access. However, this number may not reflect the full damage, as companies often face added costs such as incident response, legal action, and reputational harm after breaches of this type.
Some recent examples are the massive Under Armour data breach, leading to a lawsuit, the Oracle lawsuit over the alleged cloud breach impacting millions, IMDataCenter data breach leading to a lawsuit, or the 2025 M&S cyber attack, which is expected to cost the retailer roughly $183 million to $400 million in profits.
Another Scattered Spider Hacker Bites The Dust
Buchanan is also widely considered part of Scattered Spider and one of its more active members, but the charges he pleaded guilty to are related to specific phishing and fraud campaigns rather than the full set of operations linked to the group.
It is worth noting that Buchanan was arrested and extradited from Spain to the United States. Although the hacker is a British national, the charges were filed in the United States due to the location of affected companies and infrastructure.
Buchanan is scheduled to appear before a judge on August 21, 2026, where he faces a statutory maximum sentence of 22 years in federal prison. Several of his co-conspirators, linked to the hacking group Scattered Spider, have already been sentenced or are currently facing charges, including:
- Evans Onyeaka Osiebo (21) – US – Faces criminal charges.
- Ahmed Hossam Eldin Elbadawy (23) – US – Faces criminal charges.
- Joel Martin Evans, aka “joeleoli” (26) – US – Faces criminal charges.
- Noah Michael Urban, 21, a.k.a. “Sosa” and “Elijah,” US – Serving 10-year federal prison sentence.
