T-Mobile Suffers Data Breach
Table of Contents
- By Steven
- Published: Apr 25, 2022
- Last Updated: Apr 25, 2022
T-Mobile has been hacked again. This time, Lapsus$ hackers are responsible for the attack. Here is a quick look at T-Mobile’s latest digital security breach details.
Was Sensitive Information Stolen?
No. T-Mobile representatives have stated no sensitive information pertaining to its customers or employees was leaked. Furthermore, no information related to the government was exposed during the attack. Lapsus$ hackers reportedly breached the wireless carrier’s internal system several times.
How Did the Attack Occur?
Lapsus$ hackers illegally accessed the telecommunications provider’s internal network. The hackers performed the breach by accessing employee accounts.
What Information was Stolen?
According to Brian Krebs, an information security writer who viewed chat messages exchanged between Lapsus$ members, those messages reveal the hacking collective stole the source code pertaining to a wide array of the company’s projects. Furthermore, one of the telecom’s representatives reached out to Krebs, stating that the company’s monitoring tools identified bad actors using pilfered login credentials to illegally enter its internal systems that contain operational software tools.
A T-Mobile representative also stated that the hack did not result in the theft of any information that had considerable value. In short, it appears as though T-Mobile’s digital defenses worked as they should, quickly shutting down the illegal intrusion and preventing additional unauthorized access. The credentials that were used to access the system were then made nonfunctional to prevent additional hacks. However, the mere fact that the telecom specialist was hacked indicates its cyber security protections are lacking.
What Strategies Does Lapsus$ Employ in Its Hacks?
Lapsus$ hackers obtain access to targeted businesses such as T-Mobile by purchasing that access on the black market. Often, hackers turn to the Russian market, where access to compromised corporate systems is sold at a high frequency. Login credentials and access are sold to the hacking collective and then used for extortion purposes. The Lapsus$ hackers then perform the hack with the stolen login credentials as well as social engineering that tricks the targeted company’s employees into handing over login credentials or other valuable information.
Lapsus$ hackers are especially skilled at exploiting tools on native operating systems for personal gain. The hackers also use RedLine password stealing, in which they pay workers at targeted businesses to share login credentials or other information to illegally access systems.
Is This T-Mobile’s First Hack?
No. T-Mobile was also hacked earlier this year. The telecom’s initial hack in 2022 resulted from a SIM swap attack that impacted slightly more than 100 million customers. Rewind to the summer of 2021, and T-Mobile was victimized in yet another data breach. This data breach affected more than 50 million customers. The customers’ information was stolen. The digital criminals behind the attack tried to use the stolen information to extort a couple million dollars from the company.
All in all, T-Mobile has been targeted by digital attacks half a dozen times across the previous three years. It is worth noting that 100 million of the telecom’s data records were listed for sale on the web after the data breach that occurred in the summer of 2021. Those data records include highly sensitive and valuable information such as customers’ social security numbers, names, addresses, drivers’ license numbers, security PIN codes, birthdates, and more.
