A Review of Lapsus$

Industry: N/A | Level: Strategic | Source: Wired

The Lapsus$ data extortion group has caused quite a frenzy in cyberspace as the group has breached data from a number of high-profile companies including Samsung, Nvidia and Unisoft in the month of March 2022. The threat group reviewed by Wired doesn't appear to be interested in ransomware (at least currently), rather the group's focus based on the latest breaches has only been data theft and extortion. The group's social media channel of choice is Telegram where abundant communications have been released associated with their victims. The group's operations appear to be fueled by financial gains and are not associated with political agendas as stated on the group's channel, “Remember: The only goal is money, our reasons are not political,”. Preliminary analysis by researchers observing the group describes them as potent but unorganized, "Lapsus$ seems to be more of a loose collective than a disciplined, corporatized operation." Much about the Lapsus$ group remains unknown as researchers aren't certain where the group is based, early speculation theorizes the group to be based in South America or Europe. One distinguishing "antic" the group has involves the usage of polls to determine which company's data they've compromised to be released.