Who is Lapsus$?
A prolific hacking gang has been making a name for itself with a string of cyber attacks against a range of high-profile targets. In the space of just a few days, a group known as Lapsus$ revealed that it has stolen data from big-name organisations including Microsoft and Okta.
The aim of the Lapsus$ campaign appears to be soliciting ransom payments, with threats to leak stolen information if its extortion demands aren’t met. While this tactic is a familiar one, often used by ransomware gangs as extra leverage to force victims to pay a ransom for a decryption key, in the case of Lapsus$, there’s no sign that ransomware is part of the attacks because no data is encrypted.
But that doesn’t mean that the attacks aren’t damaging: Microsoft Security notes that there’s evidence of destructive element to the attacks for victims which won’t give in to extortion demands.
Enterprise identity and access management provider Okta is one of the biggest victims of Lapsus$, in an incident in which the company says attackers may have managed accessed information of around 2.5% of Okta customers – a figure which the company says represents 366 organisations.
Okta disclosed the breach on March