UK charges two teenagers linked to the Lapsus$ hacking group
Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. [...]
Coverage of incidents reportedly linked to LAPSUS$, with analysis of infrastructure and disruption, security impact, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
LAPSUS$ is a name used in public reporting for an intrusion set associated with several high-profile compromises, particularly during 2021–2022. Investigations and victim disclosures linked the activity to social engineering, stolen credentials, account takeover—including reported abuse of help-desk or telecom recovery processes—and theft or attempted extortion of data and source code. Attribution, membership, and the relationship between individual incidents remain subject to change, so reports should be assessed for the evidence supporting each linkage.
Its security significance is the demonstrated exposure of identity and support workflows rather than reliance on a single malware family. Defenders should prioritize phishing-resistant multifactor authentication for privileged users, tightly control password resets and number-porting requests, limit administrator access, and monitor unusual identity-provider, cloud, and repository activity. After a suspected compromise, revoke sessions and tokens, rotate credentials and exposed secrets, preserve authentication and support-desk logs, and determine what data or code was accessed. These steps also help distinguish confirmed intrusion facts from claims made during extortion or incomplete early reporting.
Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. [...]
The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang
Two teenagers arrested as part of police probe into extortion group British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang.…
Okta's outsourced provider of support services, Sitel (Sykes) has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack. [...]
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’
Latest episode - listen now!
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors. [...]
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers' DevOps platforms – to its hit list.
The LAPSUS$ data extortion gang announced their return on Telegram after a week-long "vacation," leaking what they claim is data from software services company Globant
Meanwhile, Okta squirms as further details of slow hack response emerge Extortion gang Lapsus$ may to be back at work, despite the arrest of seven alleged operatives.…
An independent security researcher has shared what's a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022
"We made a mistake," Okta said, owning up to its responsibility for security incidents that hit its service providers and potentially its own customers.
Changes story again to say customers weren't in danger, admits it waited for incident report instead of asking tough questions Identity-management-as-a-service outfit Okta has acknowledged that it made an important mistake in its handling of the attack on a supplier by extortion gang Lapsus$.…
Okta has admitted that it made a mistake delaying the disclosure hack from the Lapsus$ data extortion group that took place in January. Additionally, the company has provided a detailed timeline of the incident and its investigation activities. [...]