T-Mobile confirms Lapsus$ hackers breached internal systems

Gandalf_The_Grey

Level 61
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,044
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems.

The telecommunications company added that it severed the cybercrime group's access to its network and disabled the credentials used in the hack after discovering the security breach.

Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.

"Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software," a T-Mobile spokesperson told BleepingComputer.

"The systems accessed contained no customer or government information or other similarly sensitive information, and we have no evidence that the intruder was able to obtain anything of value.

"Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete."

Independent investigative journalist Brian Krebs first reported the breach after reviewing leaked Telegram chat messages between Lapsus$ gang members.

While inside the mobile carrier's network, the cybercriminals were able to steal proprietary T-Mobile source code, according to Krebs.
 

MuzzMelbourne

Level 5
Mar 13, 2022
156
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. The acknowledgment came after investigative journalist Brian Krebs shared internal chats belonging to the core members of the group indicating that LAPSUS$ breached the company several times in March prior to the arrest of its…

T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Well-known
Jul 27, 2015
4,878
giphy-126.gif
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Well-known
Jul 27, 2015
4,878
T-Mobile suffered six different data breaches since 2018. A leaky API caused a data breach for 2.3 million customers in 2018. One year later in 2019 1.26 million prepaid were affected by a breach.

In Aug 2021 T-Mobile suffered another data breach, where more than 40 million customer data were stolen. The account belongs to the former or prospective customer who has applied for credit with the company. The records of the customer were up for the sale in the same year, the breached data include Personal Identifiable Information such as – Social Security Numbers, Phone Numbers and Security PINs.