New details about the recent Uber and GTA VI leaks have emerged. The FBI might get involved in the case, with other hackers naming a British teenager as the prime suspect in both cyber attacks.

Security breach investigation

On September 19, Uber released a statement on the security breach it experienced last week. The company said it is “in close coordination with the FBI and US Department of Justice on this matter.”

Neither the FBI or the DOJ have commented on the case yet, so it is unclear whether they have already launched an investigation.

Over the weekend, an anonymous hacker accessed Uber’s internal systems by compromising an account of one of the company’s contractors. As a result, they received access to some corporate tools such as Slack and reconfigured Uber’s OpenDNS to display a pornographic image.

The company said the attacker didn’t access production systems critical to the work of its apps. No user accounts, credit card numbers, or any other sensitive data has been stolen either.

Uber believes that the hacker is affiliated with a hacker group called Lapsus$ and might be involved in the Rockstar Games breach that exposed over 90 gameplay footage from the early build of GTA VI.

What is known about the Lapsus$ group?

It is an anonymous hacker organization that has been active since the end of 2021. It has around seven members, but the real names of the people behind the group remain unknown.

Lapsus$ usually targets high-profile companies to seal their data and demand a ransom. However, the exact motivation behind their attacks is unclear.

As highlighted in a Bloomberg report, the group has hacked Microsoft, Samsung, Nvidia, Ubisoft, and Okta. They usually steal the source code and try to access other sensitive data using different security breaches.

Despite attacking large tech companies, Lapsus$ itself suffers from poor operational security. “Unlike most activity groups that stay under the radar, [Lapsus$] doesn’t seem to cover its tracks,” Microsoft said in a blog post after it fell victim to the attack earlier this year. “They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”

Who is the teen mastermind behind the GTA VI and Uber leaks?

In March, London police arrested seven teenagers in relation to the Lapsus$ group. One of them is a 16-year-old autistic boy from Oxford who goes under his online monikers “White” and “Breachbase”. The teen was arrested after his personal information, including his name and address, were posted online by other hackers.

The 16-year-old boy reportedly made around $14 million from his crimes. However, it seems that he continued his hacking activities.

On September 18, an administrator of the Breach Forums claimed that the person behind the GTA VI and Uber hacks was Arion, another moniker used by the 16-year-old Breachbase.

Blogger Michael aka LegacyKillaHD noted that other hackers on the Doxbin website also named Arion as the person behind these leaks.

It is also worth noting that the hacker nicknamed Teapotuberhacker (perhaps, another moniker of the 16-year-old British teen) claimed that he was not only responsible for the GTA VI leak but also for the recent Uber breach. So the connection seems real, although it is yet to be proven.