A teenager is suspected of being the mastermind behind the Lapsus$ hacking group, which has claimed responsibility for data hacks of Samsung and Nvidia, as well as recently revealed breaches at Microsoft and Okta, according to a Bloomberg report Wednesday.

Four researchers investigating Lapsus$ suspect that a teen living in the UK who goes by the online alias "White" and "breachbase" is running group's activities, Bloomberg reported. However, the teen, whom Bloomberg didn't identify because of his age, hasn't been accused of a crime by law enforcement and the researchers "haven't been able to conclusively tie him to every hack Lapsus$ has claimed," Bloomberg reported.

Bloomberg said the boy's mother spoke with one of its reporters for about 10 minutes through a doorbell intercom system at the home, located about 5 miles from Oxford University. She reportedly said she was unaware of the allegations against her son and declined to discuss him or make him available for an interview.

The group, believed to be based in South America, also includes another teenager living in Brazil, among others, according to Bloomberg. The teen's high level of skill initially led researchers to believe that they were observing was automated, one persona involved in the research told the news agency.

Lapsus$' use of social media makes it unusual in the hacking arena. On Monday, the group allegedly posted online screenshots to its Telegram channel of what appeared to be Okta's internal tickets and its in-house chat on Slack, the messaging app. The identity authenticator giant, which counts more than 15,000 companies as clients, said about 2.5% of its customers may have been impacted.

Microsoft, which was also targeted by Lapsus$ recently, said it interrupted a data hack by the group after it publicly disclosed the operation on social media. Microsoft said the hackers gained "limited access" to a single account, noting that Lapsus$ doesn't seem concerned with hiding its activity.

"Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion," Microsoft said in a blog post Tuesday. "This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact."