British Hacker Admits Guilt in Major US Cyber Fraud Scheme
A British hacker from Dundee, accused of involvement in the cyberattacks that targeted Marks & Spencer and the Co-op last year, is now confronting a potential 22-year prison sentence. Tyler Buchanan, aged 24, has pleaded guilty to conspiring to hack into the computer systems of at least a dozen companies based in the United States.
Details of the Phishing and Fraud Operation
According to the US Department of Justice, Buchanan was part of a group that executed text message phishing attacks to deceive employees into revealing their login credentials. This method granted the hackers unauthorized access to corporate computer systems. Buchanan admitted to one count of conspiracy to commit wire fraud and one count of aggravated identity theft in his plea agreement.
Between September 2021 and April 2023, the conspirators targeted a range of entities, including telecommunications companies, IT suppliers, cloud communications providers, virtual currency firms, and individuals. They sent hundreds of fraudulent messages, impersonating the companies or their contracted suppliers to steal sensitive information.
Evidence and Arrest
Law enforcement seized a device from Buchanan's home in Scotland, which contained the names and addresses of multiple victims, along with a text file holding cryptocurrency seed phrases and login credentials for a victim's account. The DOJ explained that the group used a phishing kit to capture credentials entered into fake websites, which were then transmitted to a Telegram channel managed by Buchanan and another co-conspirator.
Buchanan was arrested in Spain last year while en route to Italy and has been in US federal custody since April 2025. His sentencing is scheduled for August 21, where he could receive the maximum sentence of 22 years.
Connection to Scattered Spider Hacker Group
Buchanan has been linked to the notorious hacker collective known as Scattered Spider, which is believed to consist of around 1,000 primarily British and American youths. This group gained global infamy for a series of attacks on major brands, including the cyberattacks on M&S and Co-op in the spring and summer of 2025. Those incidents led to empty shelves for weeks and forced M&S to halt all online orders and payments.
Once Scattered Spider infiltrates a company's systems, they typically demand a substantial ransom for restoration. The National Crime Agency identified the group as a key focus of investigation in May.
Additional Allegations and Co-conspirators
Buchanan is also alleged to have been involved in the 2023 hack of Las Vegas casino operators Caesar's Entertainment and MGM Resorts International. US prosecutors claim he participated in a sophisticated £9 million cryptocurrency fraud, where victims received phishing texts warning of account closures, leading them to a fake website where their details were stolen.
In related cases, co-conspirator Noah Michael Urban pleaded guilty in April 2025 to three fraud-related charges and is currently serving a 10-year prison sentence, with an order to pay £5.9 million in restitution. Three other defendants from the United States are still facing criminal charges. The DOJ acknowledged assistance from Police Scotland and other agencies in the FBI-led investigation.
