Google has confirmed a significant security incident involving its Law Enforcement Request System (LERS). The company acknowledged that a fraudulent account was successfully created within this sensitive portal, which is used globally by police and government agencies to formally request user data. The confirmation came after a threat actor group calling itself “Scattered Lapsus$ Hunters” boasted about the access on Telegram, posting screenshots as purported evidence. This group is believed to be a coalition of members from other notorious cybercrime syndicates, including ShinyHunters, Scattered Spider, and Lapsus$, known for a string of high-profile data thefts.
While the creation of a fake account in such a critical system raises serious alarms, Google has stated that the breach was contained before any damage could be done. “We have identified that a fraudulent account was created in our system for law enforcement requests and have disabled the account,” a Google spokesperson reported. The company firmly stated that “no requests were made with this fraudulent account, and no data was accessed.” The incident is particularly troubling as unauthorized access to LERS could potentially allow criminals to impersonate law enforcement officials and submit illegitimate subpoenas or emergency data requests, thereby illegally obtaining sensitive user information.The hackers also claimed to have accessed the FBI’s eCheck background check system, though this has not been confirmed.
Although Google managed to prevent data exfiltration in this instance, the successful creation of an account highlights the persistent and evolving threats facing even the most secure technology platforms and the critical need for robust verification protocols in systems that interface with government agencies.
Source: BleepingComputer
