On September 11, after posting a lengthy “Goodbye” message on BreachForums[.]hn and linking to it on Telegram, the individuals calling themselves Scattered LAPSUS$ Hunters 4.0 seemed to have some difficulty with sticking to the “going silent” part of their farewell message. In short order, they posted four screenshots suggesting that they had access to the federal Criminal Justice Information Services (CJIS) instant background check service.
 |
 |
 |
 |
Screenshots appear to be taken from within the federal instant background check portal. Additional redaction on one screenshot by DataBreaches.net.
DataBreaches submitted inquiries to the FBI last week and again over the weekend, asking if they have investigated the threat actors’ claims about access to the portal. No reply has been received.
Scattered et al. also posted a message suggesting they had hacked the U.K.’s National Crime Agency (NCA), and then posted two screenshots suggesting they had access to Google’s Law Enforcement Request System portal (LERS):
 |
 |
There was nothing exposed in the LERS screenshots that indicated the data of any account creation or any account use.
DataBreaches emailed Google to inquire about the claimed access to LERS. Google’s spokesperson sent the following statement:
We have identified that a fraudulent account was created in our system for law enforcement requests and have disabled the account. No requests were made with this fraudulent account, and no data was accessed.
The response we got from Google and the lack of response from DOJ mirror what Bleeping Computer just reported. See their report for some additional details.
DataBreaches wonders how many other accounts may also have been created in the past that went undetected, but for now, Google is not detecting any fake account.