Security News

Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones
2022-08-03 20:17

A now-former T-Mobile US store stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million. Argishti Khudaverdyan, 44, of Burbank, California, was found guilty of 14 criminal charges [PDF] by a US federal jury on Friday.

Mobile store owner hacked T-Mobile employees to unlock phones
2022-08-02 15:02

A former owner of a T-Mobile retail store in California has been found guilty of a $25 million scheme where he illegally accessed T-Mobile's internal systems to unlock and unblock cell phones. "From August 2014 to June 2019, Khudaverdyan fraudulently unlocked and unblocked cellphones on T-Mobile's network, as well as the networks of Sprint, AT&T and other carriers," details the announcement of the U.S. Department of Justice.

T-Mobile US to cough up $550m after info stolen on 77m customers
2022-07-25 20:58

T-Mobile US has agreed to pay about $550 million to end legal action against it and improve its security after crooks infiltrated the self-described Un-carrier last summer and harvested personal data belonging to almost 77 million customers. The cellular network operator agreed to pay $350 million plus legal fees to settle a class-action lawsuit brought by customers whose data was compromised in an August 2021 privacy breach, according to documents filed with the US Securities and Exchange Commission on Friday.

T-Mobile to cough up $500 million over 2021 data breach
2022-07-25 18:20

Just under a year ago, the US arm of telecomms giant T-Mobile admitted to a data breach after personal information about its customers was offered for sale on an underground forum. At the time, VICE Magazine claimed to have communicated with the hacker behind the breach via online chat, and to have been offered "T-Mobile USA. Full customer info."

T-Mobile hit by data breaches from Lapsus$ extortion group
2022-04-25 19:59

T-Mobile hit by data breaches from Lapsus$ extortion group. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March.

Lapsus$ Hackers Target T-Mobile
2022-04-25 13:32

The company added that it has mitigated the breach by terminating the hacker's group access to its network and disabled the stolen credentials that were used in the breach. Using these credentials Lapsus$ members can get access to the company's internal tools like - Atlas an internal T-Mobile tool for managing customer accounts.

T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
2022-04-23 01:47

Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. "T-Mobile, in a statement, said that the incident occurred"several weeks ago, with the "Bad actor" using stolen credentials to access internal systems.

T-Mobile confirms Lapsus$ hackers breached internal systems
2022-04-22 15:19

T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "Several weeks ago" using stolen credentials and gained access to internal systems. Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.

T-Mobile customers warned of unblockable SMS phishing attacks
2022-04-15 18:14

An ongoing phishing campaign targets T-Mobile customers with malicious links using unblockable texts sent via SMS group messages. The New Jersey Cybersecurity & Communications Integration Cell issued a warning after multiple customers have filed reports of being targeted by this new SMS phishing campaign.

NY OAG warns T-Mobile data breach victims of identity theft risks
2022-03-04 03:17

The New York State Office of the Attorney General warned victims of the August 2021 T-Mobile data breach that they faced identity theft risks after some of the stolen information ended up for sale on the dark web. The alert comes after individuals impacted in the incident were notified by identity theft protection services that their info was found online, demonstrating that affected consumers are now at heightened risk for identity theft.