Two alleged Lapsus$ teens appear in London court

Two of the teenagers arrested last week for their alleged role in the Lapsus$ cyber extortion group appeared in a London court Friday to formally face multiple charges.

The unidentified teens, aged 16 and 17, are both charged with three counts of unauthorized access to a computer with intent to impair the reliability of the data, one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data. The 16-year-old faces an additional count of causing a computer to perform a function to secure unauthorized access to a program, according to a statement from City of London Police Detective Inspector Michael O’Sullivan.

The pair were released on bail, the BBC reported.

The court appearance comes about a week after the City of London Police arrested seven people aged 16 to 21 in connection with an investigation into Lapsus$, a prolific cybercrime group that successfully breached major companies such as Microsoft, Okta, Ubisoft, Nvidia and others in recent months.

Just before the arrests, Bloomberg reported that a 16-year-old living in his mother’s house in Oxford, England was involved with some of the group’s major hacks. The group had also posted a message to its Telegram channel a day before the arrests that “a few of our members has (sic) a vacation until 30/3/2022.”

On March 29 the group posted another message to the channel saying “we are officially back,” and posted a screenshot that appeared to data that appeared to be associated with Globant, an Argentina-based international IT and software development firm. The group claimed to have roughly 70 gigabytes of files.

On March 31 the company admitted it had suffered a data breach affecting a “limited section of our company’s code repository.”