Google is facing a rare and alarming ultimatum from a hacker group calling itself Scattered LapSus Hunters. The group has publicly demanded that Google fire two employees, Austin Larsen and Charles Carmakal, and immediately stop network probes conducted by its internal security team. If the tech giant does not comply, the hackers warn they will release sensitive company records.
According to a Telegram post, the group claims to be a coalition of hackers from known organizations such as Scattered Spider, LapSus, and ShinyHunters. Despite their threats, the group has not shown any evidence that it has gained access to Google’s internal systems. Security experts say this may be an intimidation tactic aimed at forcing Google to take action under pressure.
The message has raised concerns among cybersecurity professionals because it targets specific individuals. This type of demand is unusual, as hacker groups usually focus on stealing data or money, not requesting the termination of employees. Google has not publicly responded to the ultimatum or confirmed whether it is investigating the claims.
2.5 Billion Gmail Users on Alert as Google Issues Urgent Security Warning
Who Are Austin Larsen and Charles Carmakal?
The two employees named by the hackers are Austin Larsen and Charles Carmakal. They work at Google in cybersecurity and threat intelligence. The company has not shared their exact roles. Both are believed to be part of the Google Threat Intelligence Group. This team monitors digital threats. It also investigates unusual activity across Google’s large network.
Charles Carmakal is a well-known figure in cybersecurity circles, often involved in investigating complex hacking incidents. Austin Larsen is reportedly part of the team that helps identify and respond to cyber threats. The hackers’ focus on these two employees suggests that the employees may have monitored or tried to stop past cybercriminal activities, possibly including those of the hacker group now issuing the ultimatum.
Experts warn that naming individual employees in a threat adds an extra layer of danger, as it could lead to personal targeting or harassment beyond corporate consequences.
TransUnion confirms data breach affecting 4.4 million consumers through third party system
Background: Salesforce Breach and Gmail Security Risks
The ultimatum comes in the wake of a recent security incident involving Salesforce, a third-party service provider that handles some Google operations. In August, the hacker group ShinyHunters accessed a Salesforce database used by Google. Although they did not steal any Google account data or passwords, they obtained business contact details, which cybercriminals have since used to carry out phishing attacks and voice-based scams.
Google responded by issuing a global alert to its 2.5 billion Gmail users, urging them to change their passwords and be extra cautious about suspicious emails or phone calls. The company reported that phishing and “vishing” attacks now account for 37% of account hijacking incidents across its platforms. Hackers have leveraged the stolen contact information to create convincing impersonations of Google communications, making users more vulnerable to scams.
The situation shows how cybercriminal networks are becoming more sophisticated. Large tech companies face bigger challenges in protecting their systems and users. So far, there is no proof that Google’s internal systems were breached. However, the hackers’ ultimatum adds pressure. It also raises questions about how the company protects employees who handle sensitive information.
