Lapsus$ stole T-Mobile's source code in March, before police arrested seven of the group's more prolific members. Brian Krebs, a security journalist, shared private Telegram messages that show the group targeted the carrier multiple times.
A bad actor using stolen credentials was detected several weeks ago and the systems and processes were quickly shut down.
Lapsus$ first accessed T-Mobile's internal tools by buying stolen employee credentials. The group carried out a series of SIM swap attacks. Those types of intrusions involve a hacker hijacking a mobile phone and transferring the number to a device in their possession. The attacker can use that access to intercept messages, including links to password resets and one-time codes. Some Lapsus$ members tried to hack into T-Mobile accounts associated with the FBI and Department of Defense but failed due to the additional verification measures tied to those accounts.
T-Mobile has been the target of hacks in recent years. In August of last year, the company confirmed that it had fallen victim to a hack that saw the personal data of more than 54 million of its customers compromised. The carrier may have paid a third-party firm to limit the damage from the SIM swap attacks.