Security News > 2022 > April > T-Mobile hit by data breaches from Lapsus$ extortion group

T-Mobile hit by data breaches from Lapsus$ extortion group.

T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March.

Surfacing around December of 2021, Lapsus$ has made a name for itself with a blend of different tactics, including buying stolen data on the dark web, scanning public code repositories for exposed credentials, using password stealers, paying employees to share sensitive data and employing social engineering tricks to gain access to confidential accounts.

"Lapsus$ attacks aren't highly sophisticated. They usually initiate their attacks by using stolen credentials and then attempt to bypass multi-factor authentication using social engineering schemes. It is likely that Lapsus may be acquiring these credentials from underground marketplaces and AVC sites, such as the Russian market, which offer a variety of credentials for sale at a low price."

The attacks staged by Lapsus$ point to the hazards of using SMS messages or phone calls for MFA, according to Righi, as the group has relied on phone-based social engineering schemes to compromise accounts.

Also See Share: T-Mobile hit by data breaches from Lapsus$ extortion group.

News URL

https://www.techrepublic.com/article/t-mobile-data-breach-lapsus/