Google has confirmed that cybercriminals created a fraudulent account within its Law Enforcement Request System (LERS), a platform used by authorities to formally request user data. The company stated that the account was disabled before any requests were submitted or data accessed. This announcement follows claims by a threat group known as "Scattered Lapsus$ Hunters," who alleged they breached both Google LERS and the FBI’s eCheck system.
The group, which includes members linked to prominent extortion gangs like Shiny Hunters and Scattered Spider, shared screenshots purportedly showing their access. Unauthorized entry into such systems could enable attackers to impersonate law enforcement and obtain sensitive user information. The same actors have been implicated in widespread data theft campaigns targeting companies via social engineering and exposed authentication tokens.
Despite the group’s recent statement about "going dark," security researchers believe they will continue operating quietly. Their past attacks have impacted major organizations including Google, Cisco, and Cloudflare. Google’s Threat Intelligence team has previously exposed and disrupted the group’s activities, leading to public taunts and threats from the hackers.
