Google has confirmed that hackers managed to create a fraudulent account inside its Law Enforcement Request System (LERS), the platform used by law enforcement agencies worldwide to submit subpoenas, court orders, and emergency data requests.

“We have identified that a fraudulent account was created in our system for law enforcement requests and have disabled the account,” Google told BleepingComputer. “No requests were made with this fraudulent account, and no data was accessed.”

The statement comes after a group calling itself “Scattered Lapsus$ Hunters” claimed on Telegram to have breached both Google’s LERS portal and the FBI’s eCheck background check system, posting screenshots of alleged access. The FBI declined to comment.

Unauthorized access to LERS could allow attackers to impersonate law enforcement and request sensitive user data. While Google denied any misuse in this case, the claims highlight the risks tied to threat groups targeting trusted government platforms.

The “Scattered Lapsus$ Hunters” gang—linked to Shiny Hunters, Scattered Spider, and Lapsus$—has been behind multiple high-profile Salesforce data theft campaigns this year, affecting companies such as Google, Adidas, Qantas, Cisco, Louis Vuitton, and Cloudflare.

Despite claiming they were “going dark,” researchers believe the group will continue operating quietly, targeting major enterprises and government systems.


Buy ExpressVPN with PayPal or Credit Card
Advertisement
READ
Google Faces Antitrust Investigation in South Korea Over Android App Store Practices