Saturday Security: Scattered Spider Member Pleads Guilty After $8M Phishing Spree

 

We’ve covered Scattered Spider a few times—and now there’s a major update. A key member, Tyler Robert Buchanan, has pleaded guilty in a California federal court, closing the loop on a global phishing campaign that hit 130+ companies. By impersonating IT help desks with SMS phishing, attackers tricked employees into fake login pages—stealing credentials and gaining access. Targets included Twilio and Cloudflare, with losses totaling at least $8 million in cryptocurrency. But here’s the bigger issue: Groups like Scattered Spider are decentralized, fast-moving, and constantly recruiting. Your help desk is now a primary attack surface. If users can’t spot a fake IT message, attackers don’t need to hack in… they just log in. I’m Peter Silva — your Saturday Security Story. Like, subscribe, and share. https://www.databreachtoday.com/scattered-spider-hacker-pleads-guilty-in-us-federal-court-a-31459