Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [...]
Coverage of incidents reportedly linked to LAPSUS$, with analysis of infrastructure and disruption, security impact, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
LAPSUS$ is a name used in public reporting for an intrusion set associated with several high-profile compromises, particularly during 2021–2022. Investigations and victim disclosures linked the activity to social engineering, stolen credentials, account takeover—including reported abuse of help-desk or telecom recovery processes—and theft or attempted extortion of data and source code. Attribution, membership, and the relationship between individual incidents remain subject to change, so reports should be assessed for the evidence supporting each linkage.
Its security significance is the demonstrated exposure of identity and support workflows rather than reliance on a single malware family. Defenders should prioritize phishing-resistant multifactor authentication for privileged users, tightly control password resets and number-porting requests, limit administrator access, and monitor unusual identity-provider, cloud, and repository activity. After a suspected compromise, revoke sessions and tokens, rotate credentials and exposed secrets, preserve authentication and support-desk logs, and determine what data or code was accessed. These steps also help distinguish confirmed intrusion facts from claims made during extortion or incomplete early reporting.
Weekly headline count for the current query.
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [...]
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. [...]
Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced to life in a 'secure hospital' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI. [...]
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. [...]
The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. [...]
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks. [...]
Today, the Brazilian Federal Police arrested a Brazilian suspect in the city of Feira de Santana, Bahia, believed to be part of the Lapsus$ extortion gang. [...]
Today, the Brazilian Federal Police arrested a Brazilian suspect in the city of Feira de Santana, Bahia, believed to be part of the Lapsus$ extortion gang. [...]
Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, Nvidia, Samsung, and Okta. [...]
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems. [...]
Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. [...]
Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. [...]
Okta's outsourced provider of support services, Sitel (Sykes) has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack. [...]
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors. [...]
Okta has admitted that it made a mistake delaying the disclosure hack from the Lapsus$ data extortion group that took place in January. Additionally, the company has provided a detailed timeline of the incident and its investigation activities. [...]
As Lapsus$ data extortion gang announced that several of its members are taking a vacation, the City of London Police say they have arrested seven individuals connected to the gang. [...]
Microsoft has confirmed that one of their employees was compromised by the Lapsus$ hacking group, allowing the threat actors to access and steal portions of their source code. [...]
Okta, a major provider of access management systems, says that 2.5%, or approximately 375 customers, were impacted by a cyberattack claimed by the Lapsus$ data extortion group. [...]
Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group. [...]
Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach. [...]