On 21 December 2023, Her Honour Judge Patricia Lees of Southwark Crown Court imposed an indefinite hospital order under the Mental Health Act 1983 on Arion Kurtaj, the eighteen-year-old Lapsus$ member responsible for the September 2022 Rockstar Games intrusion that produced the most damaging pre-release leak in video-game history (Tidy, 2023). The disposal โ under which Kurtaj will remain at a high-security hospital "for life unless doctors deem him no longer a danger" โ turned almost entirely on the court's assessment of recidivism risk rather than on retributive proportionality (Tidy, 2023). This report analyses the structure of that recidivism argument: the evidentiary foundations the judge relied upon, the statutory framework that permitted an indefinite restriction, and why the cybercrime context produced a sentencing outcome substantially harsher in duration than the maximum determinate term Kurtaj could have received had he been fit to plead.
Kurtaj was found unfit to plead on account of severe autism, so the jury was directed under the Criminal Procedure (Insanity) Act 1964 to determine only whether he had committed the acts charged, not whether he had done so with the mens rea required for conviction (Tidy, 2023). Upon a finding of "did the act", the court's disposal options were limited under section 5 of the 1964 Act to a hospital order (with or without restriction), a supervision order, or an absolute discharge. The judge selected a hospital order under section 37 of the Mental Health Act 1983 coupled with an unlimited restriction order under section 41 โ the most restrictive disposal available โ precisely because the restriction provisions are explicitly future-facing: they may only be imposed where the court is satisfied that doing so is "necessary for the protection of the public from serious harm" (Mental Health Act 1983, s.41(1)). The recidivism argument was therefore not collateral but constitutive of the disposal.
Judge Lees grounded the indefinite restriction on three converging strands of evidence. First, demonstrated in-custody persistence: while on police bail for the Nvidia and BT/EE intrusions and held in protective accommodation at a Travelodge, Kurtaj re-offended by breaching Rockstar Games using only an Amazon Fire TV stick, the hotel television, and a mobile phone after his laptop had been confiscated (Tidy, 2023). The court treated this as near-conclusive evidence that conventional bail conditions, device seizure, and even police supervision were structurally inadequate controls. Second, the court relied on a contemporaneous mental-health assessment in which Kurtaj "continued to express the intent to return to cyber-crime as soon as possible" and was characterised as "highly motivated" (Tidy, 2023). Third, the judge took account of dozens of reported incidents of violence and property damage during custody, indicating that the risk was not purely digital but extended to physical harm to staff and other detainees (Tidy, 2023).
The judge's reasoning reflects a wider doctrinal trend identified by the U.S. Cyber Safety Review Board, which concluded in its August 2023 review of Lapsus$ that the group "made clear just how easy it was for its members (juveniles, in some instances) to infiltrate well-defended organisations" (CISA, 2023). Cybercrime presents three features that distort the standard recidivism inquiry: the marginal cost of re-offending approaches zero once skills are acquired; the offender requires no accomplices, no weapons, and no physical mobility; and ubiquitous consumer hardware is sufficient to launch attacks against multinationals โ as the Firestick episode demonstrated. The aggregate financial harm from Lapsus$ exceeded $10 million across victims including Uber, Nvidia, Microsoft and Revolut, with Rockstar alone incurring approximately $5 million in remediation costs and thousands of staff hours (Tidy, 2023). The judge expressly rejected the defence submission that the commercial success of the GTA VI trailer (128 million YouTube views in four days) showed the absence of serious harm, holding that harm to the corporate victim was real and that there were further real victims across the broader offending pattern (Tidy, 2023).
The disposal sits uneasily with conventional sentencing proportionality because its duration is open-ended and depends entirely on the clinical judgement of treating doctors and, ultimately, the First-tier Tribunal (Mental Health). The judge's willingness to impose that uncertainty was driven by her finding that Kurtaj's autism-related characteristics โ high cognitive ability, narrow but intense focus on technical systems, and limited responsiveness to deterrent signals โ were not modifiable through fixed-term custody. Yar (2013) observes that hacker subcultures often display strong identity-based commitment that conventional desistance theories underweight, and the Kurtaj assessment evidence (a stated intention to resume offending "as soon as possible") fits that pattern. The co-defendant, by contrast, received an eighteen-month Youth Rehabilitation Order with intensive supervision and a VPN ban, illustrating that the indefinite element was specifically tied to Kurtaj's individual risk profile, not to the offence type as such (Tidy, 2023).
The recidivism argument is internally coherent but raises three concerns. First, the reliance on stated future intent โ captured in a clinical setting from a defendant unfit to plead โ risks conflating fantasy or bravado with operational capability. Second, the indefinite restriction transfers the locus of release authority from the judiciary to a tribunal applying a clinical test, which may never be satisfied if treating clinicians remain risk-averse. Third, as Wall (2007) notes, the criminological literature on cyber-offender desistance is thin, and the assumption that skill-based, low-cost offending necessarily implies high recidivism has not been empirically validated against a comparable cohort. Nevertheless, on the facts available to the court โ particularly the Firestick re-offending while under supervision โ the inference of intractable risk was difficult to resist.
The indefinite hospital order represents a sentencing court taking the recidivism question to its logical extreme in a cybercrime context: where capability is portable, motivation is declared, and prior controls have demonstrably failed, the only available protective measure is one of indefinite duration. The Kurtaj disposal will likely be cited in future cases involving neurodivergent cyber-offenders with high technical capability and stated intent to re-offend, and it marks a discernible shift toward incapacitation-led, rather than tariff-led, sentencing in serious cybercrime.
CISA (2023) Review of the Attacks Associated with Lapsus$ and Related Threat Groups Report. Washington, DC: Cyber Safety Review Board, U.S. Department of Homeland Security. Available at: https://www.cisa.gov/resources-tools/resources/review-attacks-associated-lapsus-and-related-threat-groups-report (Accessed: 14 May 2026).
Mental Health Act 1983, c. 20. London: HMSO. Available at: https://www.legislation.gov.uk/ukpga/1983/20 (Accessed: 14 May 2026).
Criminal Procedure (Insanity) Act 1964, c. 84. London: HMSO. Available at: https://www.legislation.gov.uk/ukpga/1964/84 (Accessed: 14 May 2026).
Tidy, J. (2023) 'Lapsus$: GTA 6 hacker handed indefinite hospital order', BBC News, 21 December. Available at: https://www.bbc.com/news/technology-67663128 (Accessed: 14 May 2026).
Wall, D.S. (2007) Cybercrime: The Transformation of Crime in the Information Age. Cambridge: Polity Press.
Yar, M. (2013) Cybercrime and Society. 2nd edn. London: Sage Publications.