A 16-year-old is accused of being the mastermind behind the Nvidia, Microsoft, Ubisoft hacks

The teen has not been publicly accused of any crime.

Photo by Kevin Ku

Investigators believe that a teenager is the main driving force behind a string of high-profile hacks including those at Nvidia and Microsoft, according to a Bloomberg report.

A group of four researchers began investigating the Lapsus$ hacking group and were led to a 16-year-old living with his mother in Oxford, England. The teenager is currently unnamed but goes by the online aliases “White” and “breachbase.” Authorities have not publicly accused the teen of any crime, Bloomberg reports.

Researchers used forensic evidence from the hacks as well as public information to connect the teen to Lapsus$. The team of researchers initially believed the activity they were tracking was automated due to the teen’s skill level and speed. Still, the authorities and researchers “haven’t been able to conclusively tie him to every hack Lapsus$ has claimed.”

The group is also said to suffer from “poor operational security,” leading to the teen’s addresses and other personal family information being leaked by rival hackers.

The teen’s mother spoke with a Bloomberg journalist for about 10 minutes through a doorbell intercom at her home just five miles from Oxford University. The woman claims to have been previously unaware of the accusations and was disturbed by the leaked personal information, which included pictures of the teen’s father’s home.

But the unnamed teen is just one of several known Lapsus$ members. Researchers believe that the group is based out of South America and have been able to track several accounts tied to the hacking group. Another suspected Lapsus$ member is a teenager living in Brazil, according to Bloomberg.

Although researchers describe the group as talented, the same lack of operational security that led to the teen’s address and personal information being leaked has hampered the group in other ways. Microsoft, which has been tracking the group under the ID DEV-0537, was able to interrupt another Lapsus$ intrusion after its source code was previously stolen. Lapsus$ makes little effort to cover its tracks and often announces its actions and intentions via social media. It was this public display that led Microsoft to catch the intrusion.

“Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion,” said Microsoft in a blog post. “This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.”

Lapsus$ has claimed credit for hacks at Nvidia, Microsoft, Samsung, Okta, Vodafone, and Ubisoft. Both Microsoft and Nvidia had source code leaked, while Vodafone was the subject of a Telegram poll on what the group should leak next. Nvidia CEO Jensen Huang called the Lapsus$ hack “a wake up call” and pointed to similar vulnerabilities every company has.