Security News > 2022 > April > T-Mobile confirms Lapsus$ hackers breached internal systems
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "Several weeks ago" using stolen credentials and gained access to internal systems.
Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.
"Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software," a T-Mobile spokesperson told BleepingComputer.
Since 2018, T-Mobile has disclosed six other data breaches, including one where hackers accessed data belonging to 3% of its customers.
In December 2020, hackers also gained access to customer proprietary network information, and in February 2021, an internal T-Mobile application was accessed without authorization by attackers.
In the wake of the August 2021 breach, T-Mobile unsuccessfully tried to stop the stolen data from being leaked online after paying the hackers $270,000 through a third-party firm, per a VICE report.