Google confirmed that miscreants created a fraudulent account in its Law Enforcement Request System (LERS) portal, which police and other government agencies use to ask for data about Google users.
“We have identified that a fraudulent account was created in our system for law enforcement requests and have disabled the account,” a Google spokesperson told The Register on Tuesday. “No requests were made with this fraudulent account, and no data was accessed.”
Google’s admission follows BreachForums posts by Scattered Lapsus$ Hunters – this is the gang allegedly made up of members from three other notorious cybercrime crews, Scattered Spider, ShinyHunters, and Lapsus$. Shortly after announcing their retirement from the ransomware biz, they indicated via screenshots that they had access to Google LERS, as well as the FBI’s National Instant Criminal Background Check System (NICS), a federal system that provides background checks on would-be gun buyers to ensure they aren’t prohibited from owning a firearm. The FBI declined to comment on the extortionists’ claims.
[…]
Source: Google confirms crims accessed its law enforcement portal • The Register
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft