The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang.
“Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data,” Detective Inspector Michael O’Sullivan, from the City of London Police, said in a statement.
In addition, the unnamed 16-year-old minor has been charged with one count of causing a computer to perform a function to secure unauthorized access to a program.
The charges come as the City of London Police moved to arrest seven suspected LAPSUS$ gang members aged between 16 and 21 on March 25, with the agency telling The Hacker News that all the individuals had been subsequently “released under investigation.”
But the arrests are yet to put a dampener on the cartel’s activities, which returned from a “vacation” this week to leak 70GB of data belonging to software services giant Globant on March 30. The Luxembourg-headquartered company said it’s currently “conducting an exhaustive investigation” and that it’s “taking strict measures to prevent further incidents.”
LAPSUS$, in a short span of a few months, has gained notoriety for their hacking spree, stealing and publishing source code of multiple top-tier technology companies on their Telegram channel, which currently has close to 58,000 subscribers.
“In today’s environment, threat actors favor using ransomware to encrypt data and systems and often extort victims for significant amounts of cryptocurrency in exchange for decryption keys, sometimes turning up the pressure with the threat of publishing stolen data,” Palo Alto Networks’ Unit 42 team said.
“LAPSUS$, however, is unusual in its approach – for this group, notoriety most often appears to be the goal, rather than financial gain.”