Beautiful Virgin Islands

Tuesday, Jun 03, 2025

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$.

The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers.

City of London Police say they have arrested seven teenagers in relation to the gang but will not say if he is one.

The boy's father told the BBC his family was concerned and was trying to keep him away from his computers.

Under his online moniker "White" or "Breachbase" the teenager, who has autism, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.

Lapsus$ is relatively new but has become one of the most talked about and feared hacker cyber-crime gangs, after successfully breaching major firms like Microsoft and then bragging about it online.

The teenager, who can't be named for legal reasons, attends a special educational school in Oxford.

City of London Police said: "Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking group. They have all been released under investigation. Our inquiries remain ongoing."

Playing online games


The boy's father told the BBC: "I had never heard about any of this until recently. He's never talked about any hacking, but he is very good on computers and spends a lot of time on the computer. I always thought he was playing games."

Microsoft is one of the victims of the Lapsus$ hacking group


"We're going to try to stop him from going on computers."

The BBC has also spoken to the boy's mother, who did not want to comment.

'Doxxed' online


"White" was outed - or "doxxed" - on a hacker website, after an apparent falling out with business partners.

The hackers revealed his name, address, and social media pictures.

They also posted a biography of his hacking career, saying: "After a few years his net worth accumulated to well over 300BTC [close to $14m]… [he is] now is affiliated with a wannabe ransomware group known as 'Lapsus$', who has been extorting & 'hacking' several organisations."

As first reported by Bloomberg, cyber-security researchers have been tracking "White" for nearly a year and have linked him to Lapsus$ and other hacking incidents.

"We've had his name since the middle of last year and we identified him before the doxxing," said Allison Nixon, chief research officer at cyber-security investigation company Unit 221B.

"Unit 221B working with [cyber-security company] Palo Alto after identifying the actor, watched him on his exploits throughout 2021, periodically sending law enforcement a heads-up about the latest crimes."

Mrs Nixon says researchers tracked him through a trail of activity linked through a nearly unbroken stream of the boy's online accounts.

"We did it by watching the post history of an account and seeing older posts provide contact information for the guy."

Mrs Nixon says the trail was followed thanks to mistakes "White" made in failing to cover his tracks.

Lapsus$ crew


The Lapsus$ cyber-extortion group has gained notoriety in a short space of time thanks to its high-profile targets and active presence on the messaging app Telegram. Its channel has grown to 47,000 subscribers.

The last message was posted on the channel on Wednesday, with the group saying: "A few of our members has a vacation until 30/3/2022. We might be quiet for some times. Thanks for understand us - we will try to leak stuff ASAP."

Okta says hundreds of its customers were affected by the cyber-attack


Chris Morgan, from cyber-security company Digital Shadows, says Lapsus$ has risen in prominence in recent months "after targeting several enterprise technology companies, breaching significant amounts of data and posting on to their dedicated Telegram data leak channel".

"Little is known of the origins of the group, however, given that Lapsus$'s initial activity was directed towards several organisations in Brazil, some researchers have speculated that the group is based in South America," Mr Morgan said.

In a Wednesday blog post, Microsoft said Lapsus$ had gained limited access to its system.

Security company Okta admitted that it too had been hacked by the group, with consequences for hundreds of its clients.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
China Accuses US of Violating Trade Truce
Panama Port Owner Balances US-China Pressures
France Implements Nationwide Outdoor Smoking Ban to Protect Children
German Chancellor Merz Keeps Putin Guessing on Missile Strategy
Mandelson Criticizes UK's 'Fetish' for Abandoning EU Regulations
British Fishing Boat Owner Fined €30,000 by French Authorities
Dutch government falls as far-right leader Wilders quits coalition
Harvard Urges US to Unfreeze Funds for Public Health Research
Businessman Mauled by Lion at Luxury Namibian Lodge
Researchers Consider New Destinations Beyond the U.S.
53-Year-Old Doctor Claims Biological Age of 23
Trump Struggles to Secure Trade Deals With China and Europe
Russia to Return 6,000 Corpses Under Ukraine Prisoner Swap Deal
Microsoft Lays Off Hundreds More Amid Restructuring
Harvey Weinstein’s Publicist Embraces Notoriety
Macron and Meloni Seek Unity Despite Tensions
Trump Administration Accused of Obstructing Deportation Cases
Newark Mayor Sues Over Arrest at Immigration Facility
Center-Left Candidate Projected to Win South Korean Presidency
Trump’s Tariffs Predicted to Stall Global Economic Growth
South Korea’s President-Elect Expected to Take Softer Line on Trump and North Korea
Trump’s China Strategy Remains a Geopolitical Puzzle
Ukraine Executes Long-Range Drone Strikes on Russian Airbases
Conservative Karol Nawrocki wins Poland’s presidential election
Study Identifies Potential Radicalization Risk Among Over One Million Muslims in Germany
Good news: Annalena Baerbock Elected President of the UN General Assembly
Apple Appeals EU Law Over User Data Sharing Requirements
South Africa: "First Black Bank" Collapses after Being Looted by Owners
Poland will now withdraw from the EU migration pact after pro-Trump nationalist wins Election
"That's Disgusting, Don’t Say It Again": The Trump Joke That Made the President Boil
Trump Cancels NASA Nominee Over Democratic Donations
Paris Saint-Germain's Greatest Triumph Is Football’s Lowest Point
OnlyFans for Sale: From Lockdown Lifeline to Eight-Billion-Dollar Empire
Mayor’s Security Officer Implicated | Shocking New Details Emerge in NYC Kidnapping Case
Hegseth Warns of Potential Chinese Military Action Against Taiwan
OPEC+ Agrees to Increase Oil Output for Third Consecutive Month
Jamie Dimon Warns U.S. Bond Market Faces Pressure from Rising Debt
Turkey Detains Istanbul Officials Amid Anti-Corruption Crackdown
Taylor Swift Gains Ownership of Her First Six Albums
Bangkok Ranked World's Top City for Remote Work in 2025
Satirical Sketch Sparks Political Spouse Feud in South Korea
Indonesia Quarry Collapse Leaves Multiple Dead and Missing
South Korean Election Video Pulled Amid Misogyny Outcry
Asian Economies Shift Away from US Dollar Amid Trade Tensions
Netflix Investigates Allegations of On-Set Mistreatment in K-Drama Production
US Defence Chief Reaffirms Strong Ties with Singapore Amid Regional Tensions
Vietnam Faces Strategic Dilemma Over China's Mekong River Projects
Malaysia's First AI Preacher Sparks Debate on Islamic Principles
White House Press Secretary Criticizes Harvard Funding, Advocates for Vocational Training
France to Implement Nationwide Smoking Ban in Outdoor Spaces Frequented by Children
×