UK Hacker Behind MGM and Caesars Cyberattacks Arrested in Spain

UK hacker behind the MGM and Caesars cyberattacks in Spain
Share on Social

A 22-year-old UK national accused of playing a major role in last year’s hacking of MGM Resorts International was recently apprehended in Spain. The suspect is allegedly linked to the Scattered Spider hacking group and is also suspected of involvement in the hacking of Caesars Entertainment and other high-profile companies.

Details of the Arrest

Media reports have identified the suspect by the alias “Tyler” or “tylerb.” Tech security publication Krebs on Security named him as Tyler Buchanan of Dundee, Scotland, though this identity couldn’t be immediately confirmed. The specific charges against him remain unclear.

The suspect was arrested while boarding a plane from Palma, Spain, to Italy, according to Spanish news outlet Murcia Today. He is also linked to the theft of $27 million in Bitcoin from corporate accounts, according to news reports.

Hacking Methods and Investigation

The hackers utilized a practice known as SIM-swapping, allowing them to steal passwords used in account authentication. They also employed SMS phishing in their attacks. Spanish police, in cooperation with the US FBI, were investigating the case. The arrest was made by Spanish authorities, and the case was prepared by the FBI’s Los Angeles office, as reported by Cybernews.

Previous Incidents and Personal Threats

Krebs reported that Tyler’s residence was invaded last year by criminals hired by other hacking groups. The intruders threatened Tyler and his mother if they didn’t hand over keys to cryptocurrency wallets, prompting him to flee from Scotland for his safety.

Expert Commentary

“This month’s arrest was a major step in cracking down on high-profile cyber criminals,” said Rafe Pilling, director of threat intelligence at Secureworks Counter Threat Unit. “There’s still a long way to go but the blows keep coming for the cyber criminal gangs right now.”

Pilling added, “These groups have long felt untouchable, obfuscated by the complexities of the internet and the anonymity it offers, but the tables are turning. The interesting piece here is that the alleged perpetrators are operating from the UK and US where, unlike with Russian-speaking groups, law enforcement can reach them.”

Impact on MGM and Caesars

Last September, MGM Resorts experienced a week-long outage of its internal cybersecurity and data systems following a hack carried out by Scattered Spider. MGM didn’t pay the hackers, but it faced a $100 million hit to its third-quarter earnings and $10 million in one-time expenses.

During the same period, Scattered Spider successfully extorted tens of millions of dollars from Caesars Entertainment, according to Bloomberg News.

Other High-Profile Hacks

Scattered Spider has also been linked to the hacking of Twilio, LastPass, DoorDash, Mailchimp, and some 130 other organizations over the past few years, as reported by Krebs.

Related Arrests

In January, 19-year-old Noah Urban, who authorities claim is linked to high-profile hacks by Scattered Spider, was arrested in Florida. Known by the alias “King Bob,” Urban was charged with one count of conspiracy to commit wire fraud, eight counts of wire fraud, and five counts of aggravated identity theft.


The arrest of the UK national suspected of hacking MGM Resorts and Caesars Entertainment marks a significant step in combating high-profile cybercrimes. As authorities continue to crack down on these cybercriminals, the landscape of cybersecurity and law enforcement’s reach is evolving. The continued efforts to bring these perpetrators to justice highlight the importance of international cooperation in tackling cyber threats.