Security News

T-Mobile hit by data breaches from Lapsus$ extortion group. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March.

The company added that it has mitigated the breach by terminating the hacker's group access to its network and disabled the stolen credentials that were used in the breach. Using these credentials Lapsus$ members can get access to the company's internal tools like - Atlas an internal T-Mobile tool for managing customer accounts.

Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. "T-Mobile, in a statement, said that the incident occurred"several weeks ago, with the "Bad actor" using stolen credentials to access internal systems.

T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "Several weeks ago" using stolen credentials and gained access to internal systems. Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang. Stating that the "Impact of the incident was significantly less than the maximum potential impact" the company had previously shared last month, Okta said the intrusion impacted only two customer tenants, down from 366 as was initially assumed.

Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. Okta admitted last month it made a mistake delaying the disclosure of a January breach from the Lapsus$ data extortion group, an error caused by the company not being aware of the extent of the incident and its impact on customers.

Globant itself posted an official warning with the US Securities and Exchange Commission stating that "We have recently detected that a limited section of our company's code repository has been subject to unauthorized access." The mystery of who, what and where the LAPSUS$ kingpins are located deepened yet further last Friday, when City of London Police noted that two suspects, aged 16 and 17 - presumably two of the seven whose arrest-and-release had been reported earlier - were due in court that morning [2022-04-01]:. Two teenagers have been charged in connection with an investigation into members of a hacking group.

Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. According to a statement from Detective Inspector Michael O'Sullivan of the City of London Police, a 16-year-old and a 17-year-old were charged following an international investigation into members of a hacking group.

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data," Detective Inspector Michael O'Sullivan, from the City of London Police, said in a statement.

British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang. "Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program," he said.