Microsoft, Nvidia, Ubisoft, and several other giant tech companies fell prey to a group of hackers named Lapsus$ whose mastermind is alleged to be a 16-year-old English boy living in his mother’s home next to Oxford, England. In the previous month, the companies had to face severe breach in data security and system was compromised. Nvidia lost sensitive GPU designs and Microsoft’s system was partially compromised.

In the past few years, most hackers have shown a great use of malware to encrypt victim’s files, and then demand a huge sum of money to unlock so-called ransomware. In some cases, hackers steal vulnerable files to fulfill their agendas. Refusing to abide by their demands may result in great trouble causing various threats and blackmail to reveal confidential files in public.

Lapsus$, the group of hackers, has been identified to function as a “large-scale social engineering and extortion campaign," as articulated by Microsoft. The Mobile phone-based strategies used by the group of hackers are majorly intended to target personal email accounts according to Microsoft.

According to the reports by bloomberg, it states, “researchers investigating the hacking group Lapsus$ on behalf of companies that were attacked” and are stretching their main efforts on the suspected english boy who is assumed to be behind most, though not all, of the intrusions. Simultaneously, the researchers are also investigating a Brazilian teenager, and believe that there are seven members total in the group. They believe the main suspect from England, was so good at hacking that the “researchers initially thought the activity they were observing was automated.”

Microsoft says the group, which is running a “large-scale social engineeringand extortion campaign against multiple organisations,” has been in part so successful because they’ve been able to enlist “insiders at victimised companies to assist in their hacks.”

Outrageously, it’s claimed that members of Lapsus$ have been using compromised employee information to log in to Zoom calls being held by their victims, “where they have taunted employees and consultants who are trying to clean up their hack.”

The cybersecurity researchers stated that they figured out the identity of two teens so fast due to all their offensive capabilities and majorly because the group suffers from poor operational security