On Wednesday, the Brazilian Federal Police reported that one person had been detained for allegedly having ties to the notorious LAPSUS$ extortion group.
The arrest was made as part of Operation Dark Cloud, a new law enforcement initiative that was started in August 2022, according to the agency. Other than the possibility that the suspect is a teenager, not much is known about him or her.
According to the Federal Police, an attack on websites run by the Brazilian Ministry of Health in December 2021 led to the suspected exfiltration of 50TB of data and the temporary loss of millions of people’s COVID-19 immunization records.
The Comptroller General of the Union, the Federal Highway Police, and other federal government websites were also targeted by the LAPSUS$ organization in Brazil.
“Criminal organization, invasion of a computer device, disruption or disturbance of telegraphic, radio, telegraphic, or telephone service, blocking or impeding its restoration” are the offences identified by the police inquiry, according to the statement.
Earlier in March, the Israeli cybersecurity company Check Point referred to the cybercriminals as a “Portuguese hacking group from Brazil.”
The discoveries follow the arrest of seven British citizens by the City of London Police in late March 2022. Two of the juvenile defendants were then charged with breaking into computer systems and stealing private data.
With their attention-grabbing attacks on Microsoft, Cisco, Samsung, NVIDIA, Okta, Ubisoft, Globant, T-Mobile, Mercado Libre, and Vodafone, the LAPSUS$ gang has gained international reputation in less than a year.
Before its members expanded to target other businesses in Europe and the US, the group’s early breaches were mostly directed at institutions in Brazil and South America.
In connection with cyberattacks on Uber and Rockstar Games, the City of London Police revealed last month that it had detained a 17-year-old adolescent from Oxfordshire who is thought to be LAPSUS$’s ringleader.