FBI adds LAPSUS$ data extortion gang to its “Most Wanted” list

Graham Cluley
@gcluley

FBI adds LAPSUS$ data extortion gang to its "Most Wanted" list

The FBI is calling on members of the public to help it uncover members of an increasingly-notorious cybercrime gang.

The LAPSUS$ group, which is thought to consist largely of computer-savvy teenagers, has been behind a wave of attacks that have gained unauthorised access to large tech firms and leaked their data.

Corporate victims have included Microsoft, NVIDIA, Ubisoft, Samsung, Globant, and Okta.

Sign up to our newsletter
Security news, advice, and tips.

Members of the gang have been posting on a publicly-accessible Telegram chat room, bragging about their unauthorised access to the systems of organisations, and then posting links to the data they have stolen.

The most recent victim is international IT and software development firm Globant, which acknowledged it had suffered a security breach after LAPSUS$ first shared the news to its followers.

LAPSUS$ has since shared a link to 73GB of data stolen from Globant, containing customer source code and private keys related to projects for corporate clients.

In its notice the FBI says it is seeking information regarding the identities of the individuals responsible for the breaches, but has not yet offered a monetary reward.

It will be interesting to see whether the FBI or other law enforcement agencies do choose to offer a bounty for information leading to the identification and apprehension of members of LAPSUS$, or whether the group will simply unravel due to its own gobbiness.

If you do have any information, you are invited to contact your local FBI office, or the nearest American Embassy or Consulate.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.