Lapsus$ hackers breached T-Mobile's systems and stole its source code – The Verge

Filed under:
No customer or government data was compromised
The Lapsus$ hacking group stole T-Mobile’s source code in a series of breaches that took place in March, as first reported by Krebs on Security. T-Mobile confirmed the attack in a statement to The Verge, and says the “systems accessed contained no customer or government information or other similarly sensitive information.”
In copies of private messages obtained by Krebs, the Lapsus$ hacking group discussed targeting T-Mobile in the week prior to the arrest of seven of its teenage members. After purchasing employees’ credentials online, the members could use the company’s internal tools — like Atlas, T-Mobile’s customer management system — to perform SIM swaps. This type of attack involves hijacking a target’s mobile phone by transferring its number to a device owned by the attacker. From there, the attacker can obtain texts or calls received by that person’s phone number, including any messages sent for multi-factor authentication.
According to screenshotted messages posted by Krebs, Lapsus$ hackers also attempted to crack into the FBI and Department of Defense’s T-Mobile accounts. They were ultimately unable to do so, as additional verification measures were required.
“Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software,” T-Mobile said in an emailed statement to The Verge. “Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.”
T-Mobile has been the victim of several attacks over the years. Although this particular hack didn’t affect customers’ data, past incidents did. In August 2021, a breach exposed the personal information belonging to over 47 million customers, while another attack occurring just months later compromised “a small number” of customer accounts.
Lapsus$ has made a name for itself as a hacking group that primarily targets the source code of large technology companies, like Microsoft, Samsung, and Nvidia. The group, which is reportedly led by a teenage mastermind, has also targeted Ubisoft, Apple Health partner Globant, and authentication company Okta.
Subscribe to get the best Verge-approved tech deals of the week.
Please confirm your subscription to Verge Deals via the verification email we just sent you.

source

Share:

More Posts

Market Research

Pulse Surveys

Turn feedback into action

Our survey platform makes it easy to measure and understand feedback so you can drive growth and innovation

Pulse Handshak

Pulse Handshak

Collaborative online survey tool for the market research industry. Remote assisted surveying just like face-to-face interviews. Here interviewers can talk to the respondent over the web-console without the need for any other communication channel and share the same Q're with responses and click actions.

Pulse FE

Pulse FE

Pulse Field Expert or Pulse FE is the main platform for both offline and online survey at softofficepro.com. It is robust and used by hundreds of clients over tens of years with millions of responses. Do it once Q're and deploy on both offline devices (android) and online forms makes it a great cost effective platform for any kind of responses

Pulse Ultimate

Pulse Ultimate

Pulse Ultimate is targeted for tracking studies and retail audits. An offline survey system offering extreme field control including processes like data quality check, back-check, rework, comparison with previous wave data etc. helps to get the best results on a day-to-day basis

Pulse LS

Pulse LS

Use a managed Limesurvey and our expertise for creating complex forms and token based user management. Use optional mailing system to send survey invitation to each participant and track progress of the response status. Industry standard SPSS / R output supported