TZUTC: -0500   
   MSGID: 1505.consprcy@1:2320/105 2d2ebf92   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   Google confirms hackers created their own account in sensitive law    
   enforcement portal   
      
   Date:   
   Tue, 16 Sep 2025 14:28:00 +0000   
      
   Description:   
   Infamous group accessed Google's Law Enforcement Request System but    
   apparently did not download any files.   
      
   FULL STORY   
      
   Cybercriminals managed to get their own account on the Google Law Enforcement   
   Request System (LERS) platform, the search engine giant confirmed to the    
   media earlier this week.    
      
   Recently, threat actors going by Scattered Lapsus$ Hunters posted a new   
   screenshot in their Telegram channel, allegedly showing an automated   
   confirmation email from Google.    
      
   Google has created a new Law Enforcement Request System (LERS) account for   
   you, the screenshot says.   
      
   Disabled the account    
      
   LERS is a secure online portal that Google provides specifically for verified   
   law enforcement agencies. Through it, the police can submit requests for user   
   data, such as subpoenas, court orders, or search warrants. Through this   
   system, authorized officers can upload documents, monitor the status of their   
   requests, and download the sensitive data.    
      
   To gain access to LERS, one must be pre-approved by Google. Simply having an   
   agency email address wont suffice - they need to be added to Googles approved   
   list, which raises the question - how did the criminals do it? Either Googles   
   approval system is flawed, or crooks somehow managed to impersonate law   
   enforcement personnel.    
      
   After news broke, BleepingComputer reached out to both Google, and the FBI,   
   and while the latter declined to comment, Google confirmed the cybercriminals   
   claims:    
      
   "We have identified that a fraudulent account was created in our system for   
   law enforcement requests and have disabled the account," Google told the   
   publication. "No requests were made with this fraudulent account, and no data   
   was accessed."    
      
   Scattered Lapsus$ Hunters is a threat actor created after three groups -   
   Scattered Spider, Lapsus$, and ShinyHunters - merged into one. The group is   
   suspected to be behind some of the biggest data breaches this year, including   
   the Drift AI/Salesloft incident that affected dozens of large tech companies.    
      
   Mere days before posting this screenshot, the group announced it was going   
   dark, which some threat actors interpreted as a sign of fear over the   
   impending consequences of the recent attacks.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/google-confirms-hackers-created-their-o   
   wn-account-in-sensitive-law-enforcement-portal   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426