Skip to content

Lapsus$ hacking group is run by a UK-based teenager

  • by
  • 2 min read

After hitting big corporations like Nvidia, Samsung, Ubisoft, Microsoft and most recently, Okta, the Lapsus$ hacking group has put itself on the map, and it’s run by a 16-year old living at his mother’s house near Oxford, England, according to a Bloomberg report. 

Four researchers investigating the group on behalf of the attacked companies believe an English teenager to be the mastermind. He goes around with online aliases “White” and “breach base” and hasn’t yet been accused by law enforcement. The researchers themselves haven’t been able to tie him to every Lapsus$ hack conclusively, says Bloomberg

Another suspected member of the Lapsus$ group is yet another teenager residing in Brazil. One person investigating Lapsus$ has said that researchers have identified seven unique accounts associated with the group, hinting that more people might be involved with the group’s operations. 

Breachbase is apparently so good at hacking and fast that the researchers initially believed that the observed activity was automated. Lapsus$ has been publicly taunting their victims, leaking source code and internal documents. The recent Okta hack has sent the company into a public-relations crisis, disclosing that an engineer at a third-party vendor was breached, impacting 2.5% of their customers.

The group, however, lacks operational security, causing researchers to gain intimate knowledge about the teenage mastermind. The English hacker also had his personal information, including his address and information about his parents, posted online by rival hackers. 

When Bloomberg arrived at an address listed amongst the leaked materials, they talked to a woman claiming to be the boy’s mother through a doorbell intercom system. She was unaware of any allegations against her son and refused to talk about him or make him available for an interview stating that the matter was for law enforcement and that she was contacting the police.

In the News: Cybercrime victims lost over $6.9 billion in 2021: FBI

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>