Beautiful Virgin Islands

Tuesday, Jul 22, 2025

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$.

The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers.

City of London Police say they have arrested seven teenagers in relation to the gang but will not say if he is one.

The boy's father told the BBC his family was concerned and was trying to keep him away from his computers.

Under his online moniker "White" or "Breachbase" the teenager, who has autism, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.

Lapsus$ is relatively new but has become one of the most talked about and feared hacker cyber-crime gangs, after successfully breaching major firms like Microsoft and then bragging about it online.

The teenager, who can't be named for legal reasons, attends a special educational school in Oxford.

City of London Police said: "Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking group. They have all been released under investigation. Our inquiries remain ongoing."

Playing online games


The boy's father told the BBC: "I had never heard about any of this until recently. He's never talked about any hacking, but he is very good on computers and spends a lot of time on the computer. I always thought he was playing games."

Microsoft is one of the victims of the Lapsus$ hacking group


"We're going to try to stop him from going on computers."

The BBC has also spoken to the boy's mother, who did not want to comment.

'Doxxed' online


"White" was outed - or "doxxed" - on a hacker website, after an apparent falling out with business partners.

The hackers revealed his name, address, and social media pictures.

They also posted a biography of his hacking career, saying: "After a few years his net worth accumulated to well over 300BTC [close to $14m]… [he is] now is affiliated with a wannabe ransomware group known as 'Lapsus$', who has been extorting & 'hacking' several organisations."

As first reported by Bloomberg, cyber-security researchers have been tracking "White" for nearly a year and have linked him to Lapsus$ and other hacking incidents.

"We've had his name since the middle of last year and we identified him before the doxxing," said Allison Nixon, chief research officer at cyber-security investigation company Unit 221B.

"Unit 221B working with [cyber-security company] Palo Alto after identifying the actor, watched him on his exploits throughout 2021, periodically sending law enforcement a heads-up about the latest crimes."

Mrs Nixon says researchers tracked him through a trail of activity linked through a nearly unbroken stream of the boy's online accounts.

"We did it by watching the post history of an account and seeing older posts provide contact information for the guy."

Mrs Nixon says the trail was followed thanks to mistakes "White" made in failing to cover his tracks.

Lapsus$ crew


The Lapsus$ cyber-extortion group has gained notoriety in a short space of time thanks to its high-profile targets and active presence on the messaging app Telegram. Its channel has grown to 47,000 subscribers.

The last message was posted on the channel on Wednesday, with the group saying: "A few of our members has a vacation until 30/3/2022. We might be quiet for some times. Thanks for understand us - we will try to leak stuff ASAP."

Okta says hundreds of its customers were affected by the cyber-attack


Chris Morgan, from cyber-security company Digital Shadows, says Lapsus$ has risen in prominence in recent months "after targeting several enterprise technology companies, breaching significant amounts of data and posting on to their dedicated Telegram data leak channel".

"Little is known of the origins of the group, however, given that Lapsus$'s initial activity was directed towards several organisations in Brazil, some researchers have speculated that the group is based in South America," Mr Morgan said.

In a Wednesday blog post, Microsoft said Lapsus$ had gained limited access to its system.

Security company Okta admitted that it too had been hacked by the group, with consequences for hundreds of its clients.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
UK Government Considers Dropping Demand for Apple Encryption Backdoor
Severe Flooding in South Korea Claims Lives Amid Ongoing Rescue Operations
Japanese Man Discovers Family Connection Through DNA Testing After Decades of Separation
Russia Signals Openness to Ukraine Peace Talks Amid Escalating Drone Warfare
Switzerland Implements Ban on Mammography Screening
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
Pogacar Extends Dominance with Stage Fifteen Triumph at Tour de France
CEO Resigns Amid Controversy Over Relationship with HR Executive
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
NVIDIA Achieves $4 Trillion Valuation Amid AI Demand
US Revokes Visas of Brazilian Corrupted Judges Amid Fake Bolsonaro Investigation
U.S. Congress Approves Rescissions Act Cutting Federal Funding for NPR and PBS
North Korea Restricts Foreign Tourist Access to New Seaside Resort
Brazil's Supreme Court Imposes Radical Restrictions on Former President Bolsonaro
Centrist Criticism of von der Leyen Resurfaces as she Survives EU Confidence Vote
Judge Criticizes DOJ Over Secrecy in Dropping Charges Against Gang Leader
Apple Closes $16.5 Billion Tax Dispute With Ireland
Von der Leyen Faces Setback Over €2 Trillion EU Budget Proposal
UK and Germany Collaborate on Global Military Equipment Sales
Trump Plans Over 10% Tariffs on African and Caribbean Nations
Flying Taxi CEO Reclaims Billionaire Status After Stock Surge
Epstein Files Deepen Republican Party Divide
Zuckerberg Faces $8 Billion Privacy Lawsuit From Meta Shareholders
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
SpaceX Nears $400 Billion Valuation With New Share Sale
Microsoft, US Lab to Use AI for Faster Nuclear Plant Licensing
Trump Walks Back Talk of Firing Fed Chair Jerome Powell
Zelensky Reshuffles Cabinet to Win Support at Home and in Washington
"Can You Hit Moscow?" Trump Asked Zelensky To Make Putin "Feel The Pain"
Irish Tech Worker Detained 100 days by US Authorities for Overstaying Visa
Dimon Warns on Fed Independence as Trump Administration Eyes Powell’s Succession
Church of England Removes 1991 Sexuality Guidelines from Clergy Selection
Superman Franchise Achieves Success with Latest Release
Hungary's Viktor Orban Rejects Agreements on Illegal Migration
Jeff Bezos Considers Purchasing Condé Nast as a Wedding Gift
Ghislaine Maxwell Says She’s Ready to Testify Before Congress on Epstein’s Criminal Empire
Bal des Pompiers: A Celebration of Community and Firefighter Culture in France
FBI Chief Kash Patel Denies Resignation Speculations Amid Epstein List Controversy
Air India Pilot’s Mental Health Records Under Scrutiny
Google Secures Windsurf AI Coding Team in $2.4 Billion Licence Deal
Jamie Dimon Warns Europe Is Losing Global Competitiveness and Flags Market Complacency
South African Police Minister Suspended Amid Organised Crime Allegations
Nvidia CEO Claims Chinese Military Reluctance to Use US AI Technology
Hong Kong Advances Digital Asset Strategy to Address Economic Challenges
Australia Rules Out Pre‑commitment of Troops, Reinforces Defence Posture Amid US‑China Tensions
Martha Wells Says Humanity Still Far from True Artificial Intelligence
Nvidia Becomes World’s First Four‑Trillion‑Dollar Company Amid AI Boom
U.S. Resumes Deportations to Third Countries After Supreme Court Ruling
Excavation Begins at Site of Mass Grave for Children at Former Irish Institution
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
×