A Teenager Alleged of Being Mastermind of Lapsus$ hacking Gang: Report

According to a Bloomberg story on Wednesday, a teenager is suspected of being the mastermind behind the Lapsus$ hacking gang, which has claimed responsibility for data breaches at Samsung and Nvidia, along with the newly discovered breaches at Microsoft and Okta.

According to Bloomberg, four researchers probing Lapsus$ believe that a teenager from the United Kingdom using the online nicknames “White” and “breachbase” is in charge of the group’s activities. The youngster has not been charged with a crime, and the researchers “haven’t been able to clearly tie him to every hack Lapsus$ has claimed,” according to Bloomberg.

A Teenager Alleged of Being Mastermind of Lapsus$ hacking Gang: Report

The boy’s mother spoke with one of Bloomberg’s reporters for around 10 minutes over a doorbell intercom system at the family’s home, which is about 5 miles from Oxford University. She reportedly denied knowing about the charges against her son and refused to talk about them or make him available for an interview.

According to Bloomberg, the group, which is believed to be based in South America, also includes a teenager from Brazil.

In the hacking world, Lapsus$’ usage of social media makes it unique. On Monday, the group reportedly released screenshots of what seemed to be Okta’s internal tickets and in-house chat on the messaging tool Slack to its Telegram channel. About 2.5 percent of the company’s customers may have been affected, according to the identity authentication firm, which has over 15,000 clients.

Microsoft, which was recently targeted by Lapsus$, said it was able to stop a data attack by the group after it publicized the operation on social media. The hackers acquired “limited access” to a single account which also underlined that Lapsus$ appears unconcerned about hiding its activities. In a blog post, Microsoft stated,

Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.

Check out? Microsoft Could be Another Victim of Hacking Group LAPSUS$: Report