Threat actor · all actors
LAPSUS$ (hacktivist persona)HACK-LAPSUS-HACKTIVIST hacktivist
aka LAPSUS$, Lapsus, WhiteDoxbin
Last updated:
0attributed CVEs
0ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
A 2021-2022 international data-extortion crew that operated with hacktivist-style public messaging on Telegram, claiming high-profile breaches at Microsoft, NVIDIA, Samsung, Okta, and Brazilian state targets. Several UK-based teenage members were arrested in 2022 and convicted in 2023; FBI continues to pursue additional members.
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
No techniques attributed.
Co-occurring actors
None.