Lapsus$ hackers targeted T-Mobile source code in latest data breach

Lapsus TMobile Data Breach

Lapsus TMobile Data Breach

The Lapsus$ hacking group has claimed another victim: U.S. telecom giant T-Mobile.

T-Mobile’s latest security incident — the seventh data breach in the past four years — was first revealed by security journalist Brian Krebs, who obtained a week’s worth of private chat messages between the core members of Lapsus$, a hacking and extortion group that gained notoriety in recent months after targeting tech giants Nvidia, Ubisoft, and Okta. The messages obtained by Krebs were sent in a private Telegram channel during the week leading up to the arrests of the gang’s most active members in March. At least two Lapsus$ members — a 16-year-old and a 17-year-old — were subsequently charged with multiple cyber offenses.

The messages show that Lapsus$ had access to T-Mobile’s network by compromising employee accounts, either by buying leaked credentials or through social engineering. This gave Lapsus$ access to T-Mobile’s internal tools, including Atlas, used for managing customer accounts, which the hackers used in an attempt to find T-Mobile accounts associated with the FBI and Department of Defense, but was blocked as the access needed additional checks.

UK police charge 2 teenagers in connection with Lapsus$ hacks

Through this employee account access, the hackers were in a position to carry out SIM-swap attacks, where hackers reassign a target’s cell phone number to a device under their control, which then allows for the interception of phone calls and text messages that can be used to further break into a victim’s accounts and also obtain two-factor authentication codes.

T-Mobile did not respond to multiple requests for comment but told news outlets that “no customer or government information” was accessed during the incident.

However, Krebs reports that the hackers were able to steal source code for a range of company projects — just as the group had done with Samsung, Microsoft, and Globant.


Lapsus TMobile Data Breach

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts