UK police arrest seven individuals suspected of being hacking group members

The youngest suspect is 16 years old.
Written by Charlie Osborne, Contributing Writer

UK law enforcement has made a spate of arrests in connection to an unnamed hacking group. 

Detective Inspector Michael O'Sullivan, from the City of London Police, said in a statement that the law enforcement agencies and its partners have been conducting an investigation into a cybercriminal outfit, leading to seven arrests. 

Seven teenagers between the ages of 16 and 21 years old have been arrested. 

According to O'Sullivan, they have been "arrested in connection with this investigation and have all been released under investigation."

The City of London Police did not formally name the hacking group or provide any further detail concerning the inquiry.  

On Wednesday, the BBC reported that a 16-year-old teenager from Oxford, who used the "White" and "Breachbase" aliases online, was accused of being affiliated to the Lapsus$ hacking group. White has been tracked for over a year and was reportedly doxxed online after falling out with others involved in the underground, leading to the leak of his personal information. 

Law enforcement has not commented on whether the teenager is among those arrested. 

Lapsus$ has rapidly risen through the cybercriminal ranks in recent months, claiming high-profile organizations as victims. 

See also: Who are the Lapsus$ hackers and what do they want?

This week, Okta and its subprocessor Sitel admitted to a security breach in January following the leak of 'evidence' screenshots by Lapsus$. The incident has impacted up to 366 customers. 

Microsoft also confirmed Lapsus$ compromise on Wednesday after the group was able to maliciously infiltrate a "limited" account. However, the Redmond giant has not confirmed the validity of a torrent released by the hacking group, allegedly containing source code from Bing, Bing Maps, and Cortona.

In other security news this week, four Russian nationals have been indicted by US law enforcement for their alleged participation in cyberattacks against critical infrastructure, made by the DragonFly and Triton hacking groups. 

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards