IT and software development firm Globant said in a statement Wednesday that it experienced a network breach. The statement appeared to confirm claims made by Lapsus$, a group that has successfully compromised Microsoft, Nvidia, Okta, and other victims in recent weeks.
Lapsus$ is a relative newcomer to the data-extortion scene. While the group’s tactics and procedures lack sophistication, members largely believed to be young and technically immature make up for it with persistence. Gang members were rumored to be among seven individuals arrested last week by London police. A leak yesterday on the Lapsus$ Telegram channel included data the group said came from a recent hack on Globant, raising questions about precisely what relationship the suspects, aged 16 to 21, had with Lapsus$.
Not dead yet
London police don’t appear to have explicitly said the suspects were members of Lapsus$, “but, assuming [the suspects] are, we still don’t know how many other individuals are associated with the operation or where they may be based,” Brett Callow, a threat analyst with security firm Emsisoft, wrote in a private message. “For example, at least one of the members appears to be a native speaker—or, more accurately, writer—of Brazilian Portuguese.”