Threat Group Profile
lapsus$
β Active β last 30 days
Victim claims
7
First seen
Apr 2026
Last activity
23 Jun 2026
Tracked since
Mar 2026
Group overview
Lapsus$ is an internationally composed data extortion group most active from mid-2021 through 2022, executing high-profile breaches against Microsoft, Nvidia, Samsung, Okta, and Uber by stealing source code and threatening leaks rather than encrypting files; several members β predominantly teenagers β were arrested in the UK.
Preferred targets
Financial Services Β· 2
Technology Β· 2
Consumer Services Β· 1
Telecommunication Β· 1
Business Services Β· 1
Most targeted countries
US Β· 3
MM Β· 1
SE Β· 1
DE Β· 1
ES Β· 1