T-Mobile was claimed by the Lapsus$ hacking group.
Brian Krebs, a security journalist, obtained a week's worth of private chat messages between the core members of T-Mobile, which was the seventh data breach in the past four years. The messages obtained by Krebs were sent in a private Telegram channel during the week leading up to the arrests of the gang's most active members. Two Lapsus$ members were charged with multiple cyber offenses.
The messages show that Lapsus$ had access to T-Mobile's network by compromising employee accounts, either by buying leaked credentials or through social engineering. This gave Lapsus$ access to T-Mobile's internal tools, including Atlas, used for managing customer accounts, which the hackers used in an attempt to find T-Mobile accounts associated with the FBI and Department of Defense, but were blocked as the access needed additional checks.
Through employee account access, the hackers were in a position to carry out sim- swap attacks, where they reassign a target's cell phone number to a device under their control, which allows for the intercept of phone calls and text messages.
T-Mobile told news outlets that no customer or government information was accessed during the incident.
The hackers were able to steal source code for a range of company projects, just as the group had done with Microsoft and SAMSUNG.
A bad actor using stolen credentials was detected several weeks ago by our monitoring tools.
T-Mobile has confirmed previous data breeches. In August of last year, the telecom giant admitted that at least 47 million customers had account data stolen. The personal data of 7.8 million current postpaid customers, including dates of birth and Social Security, were accessed by hackers, as well as the records of 40 million former and prospective customers.
T-Mobile says at least 47M current and former customers affected by hack
All Rights Reserved © 2024
