TYLER Buchanan is understood to be one of the ringleaders of a shadowy gang of cybercriminals known as the Scattered Spider gang.
Thought to be made up of around 1,000 UK and US teens and young men, the group has become infamous for a slew of attacks on major brands including Marks & Spencer.
Who is Tyler Buchanan?
Tyler Buchanan is a 23-year-old from Dundee, Scotland.
He is understood to be a ringleader of the criminal cyber gang only known as Scattered Spider alongside another hacker, Noah Urban, who went by the moniker “king Bob”.
A source close to the case told The Sun: “King Bob ran operations from America while the FBI says his main contact in Europe was Buchanan.
“They were both major players in the Scattered Spiders communicating across the pond, mainly via Telegram.
“Smart kids but not smart enough to evade the authorities. The law was always going to catch up with them.”
On top of the crippling M&S cyber attack in April 2025, here have been similar data breaches at the Co-op and Harrods.
Buchanan was pictured handcuffed in Spain in the summer of 2024 summer after being accused of masterminding Scattered Spider operations.
He was then extradited to California in April 2025, where he’s facing up to 47 years behind bars for his part in a £9million cryptocurrency scam.
Buchanan was denied bail when he appeared in court following his extradition.
While Tyler’s dad Robert agrees that his son is a “computer whizz”, he denied he was involved with the Scattered Spider group.
He told the Daily Mail: “[He’s been into that] since he was six years old, he has always been on his computers.”
What is the Scattered Spider gang?
Scattered Spider — also known as UNC3944, Star Fraud, Octo Tempest, Scatter Swine and Muddled Libra — is a loosely organised but highly effective hacking group.
It is comprised of mainly young, English-speaking individuals from the UK and the US, with some members reportedly as young as 16.
The group operates in a decentralised fashion, making it difficult for law enforcement to dismantle their operations entirely, even after multiple arrests.
The Scattered Spider gang is said to be behind the M&S attack[/caption]
Scattered Spider is infamous for its aggressive cybercrime campaigns, targeting large corporations across industries such as finance, retail and gaming.
Their tactics focus on social engineering — tricking employees into granting access — rather than exploiting technical vulnerabilities.
Common methods include phishing attacks and SIM swapping, allowing them to bypass security controls and access sensitive systems.
The group has been behind major heists that have seen companies blackmailed for millions.
Tyler Buchanan photographed when he was a child[/caption]
Their most brazen raid came in September 2023, when MGM and Caesars paid £11.2million in ransom to get card payment systems, hotel room keys, slot machines and ATMs back up and running.
CEO of international firm Cryptoforensic Investigators, Paul Sibenik, who has investigated cases related to Scattered Spider, told The Sun how the group blackmails companies by disabling their systems, then offering to sell back an encryption key to unlock them.
Paul explained how the personal information stolen is also sold through the dark web, and even openly on notorious hacking platform OGUsers and similar sites.
He said: “The extortion isn’t just about hackers saying, ‘Hey, you pay us the money and you’ll get access to your system back.’
“The criminals often threaten to leak the private data of customers if companies don’t pay up.
“There are hacker forums where this type of data is advertised to other attackers and people’s personal information is openly swapped.
“There are multiple incentives to get companies to pay; access to their own data system, preventing the deletion of data and avoiding a data breach, which could cost them additional money in lawsuits from customers.”