Advertisement

Teen GTA 6 hacker sentenced to an indefinite hospitalization after mental health assessment

The 18-year-old hacked Rockstar Games from a hotel with a Fire TV stick, all while under police custody.

Rockstar Games

A London judge has sentenced the teenage hacker who infiltrated Rockstar Games, leaking Grand Theft Auto VI footage, to an indefinite hospitalization, as reported by The BBC. The 18-year-old, Arion Kurtaj, breached Rockstar’s servers from a Travelodge hotel while under police custody, using only an Amazon Fire TV Stick, smartphone, keyboard and mouse. (He was promptly re-arrested.) Kurtaj was a central member of the Lasus$ international hacking group.

Doctors declared Kurtaj unfit to stand trial because he has acute autism. Following the judgment, the jury was instructed to determine if he committed the alleged crimes, not whether he had criminal intent. Following a mental health assessment suggesting he “continued to express the intent to return to cybercrime,” the judge decided he remained too high a risk to the public. The court also heard accounts of Kurtaj’s allegedly violent behavior while in custody, including reports of injury and property damage. And so Kurtaj will now be committed to a hospital prison.

Despite Rockstar's claim that the hack cost it $5 million and thousands of hours of staff time, Kurtaj’s attorneys argued the success of the GTA 6 trailer, which racked up 128 million views in its first four days, meant his hack didn’t cause serious harm.

A second Lapsus$ member was found guilty in the same trial, but the 17-year-old’s name wasn’t made public because they’re a minor. The unnamed hacker was accused of working with Kurtaj and other Lapsus$ members to infiltrate Nvidia and phone company BT/EE, stealing data and demanding a $4 million ransom. The minor was sentenced to an 18-month youth rehabilitation order under “intense supervision,” including a ban on VPN use.

The two accomplices are the first Lapsus$ members to be convicted. Authorities believe other “digital bandits” in the group (suspected to be primarily teenagers in the UK and Brazil) are still at large. It isn’t clear what kind of payoff the hackers got from the ransom requests, if any, as none of the affected companies have admitted to ponying up.