Security News > 2022 > April > T-Mobile confirms Lapsus$ hackers breached internal systems
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "Several weeks ago" using stolen credentials and gained access to internal systems.
Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.
"Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software," a T-Mobile spokesperson told BleepingComputer.
Since 2018, T-Mobile has disclosed six other data breaches, including one where hackers accessed data belonging to 3% of its customers.
In December 2020, hackers also gained access to customer proprietary network information, and in February 2021, an internal T-Mobile application was accessed without authorization by attackers.
In the wake of the August 2021 breach, T-Mobile unsuccessfully tried to stop the stolen data from being leaked online after paying the hackers $270,000 through a third-party firm, per a VICE report.
News URL
Related news
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- T-Mobile pays $31.5 million FCC settlement over 4 data breaches (source)
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- T-Mobile confirms it was hacked in recent wave of telecom breaches (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments (source)