More charged in UK Lapsus$ investigation
Two teenagers arrested as part of police probe into extortion group
British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang.
The boys, aged 16 and 17, are set to appear at Highbury Corner Magistrates' Court on Friday, according to the City of London Police, the force responsible for the capital's financial district.
Detective Inspector Michael O'Sullivan said the pair remained in custody.
"Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program," he said.
The arrests are part of an international police investigation into the Lapsus$ gang, which this week was said to be back at work, despite the previous arrest of seven alleged operatives.
Earlier this week, VX-Underground – an organization that analyzes malware samples and trends – shared evidence it says was sourced from security researcher Dominic Alvieri, detailing an intrusion of Luxembourg-based software development consultancy Globant.
- Lapsus$ back? Researchers claim extortion gang attacked software consultancy Globant
- Okta acknowledges 'mistake' in handling of Lapsus$ attack
- British cops arrest seven in Lapsus$ crime gang probe
- Okta now says: Lapsus$ may in fact have accessed customer info
In an updated post detailing Okta's response to claims of an intrusion, chief security officer David Bradbury revealed that "a small percentage of customers – approximately 2.5 percent – have potentially been impacted and whose data may have been viewed or acted upon."
Bradbury has not described the data that may have been viewed, but as Okta's core service is single sign-on for thousands of cloud services, the possibility that customers' credentials have leaked to unknown parties cannot be discounted.
Last week, City of London Police detained and released seven people aged 16 to 21 in connection with the investigation. Among them is a 16-year-old boy from Oxford was accused of being one of the crew's leaders, the BBC reported.
Reporting has been restricted for legal reasons owing to the individuals' age. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust