Beautiful Virgin Islands

Friday, Jul 10, 2026

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$.

The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers.

City of London Police say they have arrested seven teenagers in relation to the gang but will not say if he is one.

The boy's father told the BBC his family was concerned and was trying to keep him away from his computers.

Under his online moniker "White" or "Breachbase" the teenager, who has autism, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.

Lapsus$ is relatively new but has become one of the most talked about and feared hacker cyber-crime gangs, after successfully breaching major firms like Microsoft and then bragging about it online.

The teenager, who can't be named for legal reasons, attends a special educational school in Oxford.

City of London Police said: "Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking group. They have all been released under investigation. Our inquiries remain ongoing."

Playing online games


The boy's father told the BBC: "I had never heard about any of this until recently. He's never talked about any hacking, but he is very good on computers and spends a lot of time on the computer. I always thought he was playing games."

Microsoft is one of the victims of the Lapsus$ hacking group


"We're going to try to stop him from going on computers."

The BBC has also spoken to the boy's mother, who did not want to comment.

'Doxxed' online


"White" was outed - or "doxxed" - on a hacker website, after an apparent falling out with business partners.

The hackers revealed his name, address, and social media pictures.

They also posted a biography of his hacking career, saying: "After a few years his net worth accumulated to well over 300BTC [close to $14m]… [he is] now is affiliated with a wannabe ransomware group known as 'Lapsus$', who has been extorting & 'hacking' several organisations."

As first reported by Bloomberg, cyber-security researchers have been tracking "White" for nearly a year and have linked him to Lapsus$ and other hacking incidents.

"We've had his name since the middle of last year and we identified him before the doxxing," said Allison Nixon, chief research officer at cyber-security investigation company Unit 221B.

"Unit 221B working with [cyber-security company] Palo Alto after identifying the actor, watched him on his exploits throughout 2021, periodically sending law enforcement a heads-up about the latest crimes."

Mrs Nixon says researchers tracked him through a trail of activity linked through a nearly unbroken stream of the boy's online accounts.

"We did it by watching the post history of an account and seeing older posts provide contact information for the guy."

Mrs Nixon says the trail was followed thanks to mistakes "White" made in failing to cover his tracks.

Lapsus$ crew


The Lapsus$ cyber-extortion group has gained notoriety in a short space of time thanks to its high-profile targets and active presence on the messaging app Telegram. Its channel has grown to 47,000 subscribers.

The last message was posted on the channel on Wednesday, with the group saying: "A few of our members has a vacation until 30/3/2022. We might be quiet for some times. Thanks for understand us - we will try to leak stuff ASAP."

Okta says hundreds of its customers were affected by the cyber-attack


Chris Morgan, from cyber-security company Digital Shadows, says Lapsus$ has risen in prominence in recent months "after targeting several enterprise technology companies, breaching significant amounts of data and posting on to their dedicated Telegram data leak channel".

"Little is known of the origins of the group, however, given that Lapsus$'s initial activity was directed towards several organisations in Brazil, some researchers have speculated that the group is based in South America," Mr Morgan said.

In a Wednesday blog post, Microsoft said Lapsus$ had gained limited access to its system.

Security company Okta admitted that it too had been hacked by the group, with consequences for hundreds of its clients.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
The AI Invoice Shock: Layoffs Didn't Save Managers Money — They Cost Them More
Concern: Sexually Transmitted Bacterium Among Men Develops Antibiotic Resistance
Following Massive Investor Demand: SK Hynix Raises 26.5 Billion Dollars on Nasdaq
Passenger Partially Pulled Out of Ryanair Jet After Cabin Window Fails Mid-Flight
After Four Years, and Under a Heavy Veil of Secrecy: King Charles Meets His Grandchildren, Harry and Meghan's Children
Severe Heatwave Drives Dangerous Ground-Level Ozone Pollution Across Two Thirds of European Union
Westminster in Freefall as Farage's By-Election Gamble Triggers Broader Systemic Crises
Institutional Fractures and Political Volatility Reshape Britain's Domestic Landscape
Deadly Fire, Health Emergencies and Political Upheaval Shape a Volatile Global News Cycle
Flight Instructor Jumped to His Death — Student Landed the Plane: "You Know What You Need to Do"
The Physical and Electronic Barriers Disrupting Domestic Wireless Networks
France and Morocco Open World Cup Quarter-Finals as Collina Defends Refereeing
Prince Harry Suffers Major Court Defeat in Legal Battle Against Daily Mail Publisher
Bonnie Tyler, Welsh Singer Behind Total Eclipse of the Heart, Dies at 75
Tech Pulse: The Future of AI and Screen Culture
Global News Briefing: Escalating Geopolitical Tensions and Corporate Shakeups
Global News Brief: Escalating Conflicts, Public Health Crises, and World Cup Drama
Federal Financial Framework Shifts as Treasury Launches Universal Savings Program for Minors
French Court Allows Le Pen to Run for Presidency, but with an Electronic Tag: "I Will Appeal, and I Will Run"
$1.4 Trillion: The Lawsuit That Could Crush Meta
Europe's Growing Struggle with Extreme Heat and Air Conditioning
UK Daily Briefing: Legal Developments and Social Issues
Political Turmoil and Rising Costs
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
Deep Purple Has Released Its Best Album in Decades
Microsoft Lays Off 4,800 Employees and Xbox Suffers the Hardest Blow
Morocco and France Advance as 2026 FIFA World Cup Enters Quarterfinals.
Historic 2026 Tour de France Opens in Barcelona With Revamped Team Time Trial.
Global Mergers and Acquisitions Approach $4 Trillion Defying Geopolitical Tumult.
Negotiators Advance 20-Point Framework for Gaza Ceasefire and Demilitarization.
OECD Warns Middle East Conflict Will Depress Global Economic Growth.
Ukrainian Drones Strike Major Oil Terminal in St. Petersburg.
World Meteorological Organization Issues Urgent Alert Over Rapidly Intensifying El Niño.
United States Commemorates 250th Anniversary With Diplomatic Summits and Global Flotilla.
Iran Begins Days-Long Funeral for Supreme Leader Khamenei Amid Strait of Hormuz Standoff.
Technology giant reports surging carbon emissions driven by artificial intelligence infrastructure demands.
Artificial intelligence adoption accelerates workforce reductions across the technology and financial sectors.
Global technology and financial conglomerates collaborate to launch a new stablecoin standard.
United States regulators lift export restrictions on a major frontier artificial intelligence model.
Luxury bags take over the World Cup: style, status symbol, or just showing off?
×