San Francisco, Apr 23 (IANS): Lapsus$ hacking group that hit top tech firms like Microsoft, Nvidia, Samsung and Vodafone, has now hacked into the top US telecom carrier.
Revealed by security journalist Brian Krebs, the data breach gave Lapsus$ access to T-Mobile’s network by compromising employee accounts, “either by buying leaked credentials or through social engineering”.
“This gave the hackers access to T-Mobile’s internal tools, acewhich the hackers used in an attempt to find T-Mobile accounts associated with the FBI and Department of Defense, but were blocked as the access needed additional checks,” reports TechCrunch.
T-Mobile said “no customer or government information” was accessed during the incident.
Krebs said that the hackers were able to steal source code for a range of company projects.
“Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software,” the company said in a statement.
“Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.”
T-Mobile has confirmed six other previous data breaches since 2018.
Earlier this month, the City of London Police charged two teenagers with multiple cyber offences, just a week after they arrested seven individuals as part of its investigation into Lapsus$ hacking group.
“Two teenagers, a 16-year-old and a 17-year-old, have been charged in connection with this investigation and remain in police custody,” said the police.
First surfaced in December 2021, the Lapsus$ hacking group recently broke into software development consultancy Globant.