Scattered Spider Member Sentenced to a Decade in Prison
Noah Michael Urban, 20, was one of several members of the Scattered Spider collective who were arrested and charged in 2024 in connection with high-profile cyberattacks.
Prison cybersecurity covers attacks on correctional systems, inmate data exposure, and technology risks affecting secure operations.
Search across headline titles and summaries.
Background for this topic.
Prison is a correctional facility or the wider prison system that manages incarcerated people, staff, visitors, and contractors. In security reporting, the tag may cover cyber incidents affecting prison agencies and facilities, the protection of incarcerated people’s data and communications, or the imprisonment of people convicted of cybercrime. These are related but distinct contexts, so reports should identify whether prison is the affected environment or a legal outcome.
Prisons operate systems with both information-security and physical-safety consequences. Records may include identity, health, legal, and behavioral data, while connected doors, cameras, alarms, inmate-management systems, and communications platforms can affect facility operations if unavailable or manipulated. Material safeguards include strict access control, network segmentation between administrative and operational systems, logging and monitoring of privileged or vendor access, and tested continuity procedures. Privacy and compliance requirements are especially significant because incarcerated people have limited control over how their information is collected and shared. Incident response must protect evidence while maintaining custody, staff safety, and essential services.
Weekly headline count for the current query.
Noah Michael Urban, 20, was one of several members of the Scattered Spider collective who were arrested and charged in 2024 in connection with high-profile cyberattacks.
The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.
Globally, security researchers and whistleblowers face increasingly hostile laws and judiciaries that are ready to levy fines and prison sentences.
The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.
Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.
In addition to his prison sentence, he will have to pay more than $1 million in restitution to his victims.
The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.
US officials disrupted the group's DDoS operation and arrested two individuals behind it, who turned out to be far less intimidating than they were made out to be in the media.
At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap.
The retired US Army lieutenant colonel faces up to 10 years in prison if convicted of sharing secret information about the Russia-Ukraine war with a scammer posing as romantic connection.
The Nigerian national, who was living in the US, also must pay over $1 million in restitution.
Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case.
The ex-employee claimed that he believed the shared information would benefit Russia and harm the US.
Ilya Sachkov, convicted of treason by the Kremlin, will serve time in one of Russia's prison camps, which feature rigid schedules and isolation from the outside world, critics say.
Extradited from Spain, PlugWalkJoe has been sentenced in US court and is now headed to federal prison on a raft of charges related to account hijacking and cyber stalking.
Originally sentenced to 40 months in prison, the former Nintendo Switch hacker is being released early due to good behavior but still owes millions.
Vladislav Klyushin and co-conspirators used SEC filings stolen from the networks of Tesla, Roku, and other publicly traded companies to earn nearly $100 million in illegal trades.
The distributed denial-as-a-service websites were behind more than 200K attacks on targets including schools and hospitals.
A California man faces prison time and steep fines stemming from cybertheft of US military funds intended to pay jet-fuel suppliers.
Denys Iarmak is the third member of FIN7 to go to prison.