That reports that Online magazine Bleeping Computer. When asked by the magazine, T-Mobile USA confirmed access. It says that “a few weeks ago” external access to the company network was discovered with stolen access data. Unknown persons had gained access to internal systems. After discovering the security breach, T-Mobile cut off the cybercriminals’ access to its network and disabled the credentials used for the hack. It quickly became clear that the blackmailer gang Lapsus$ was behind the attack.
Infographic cyber attacks from the east: hackers target German companies
No access to customer data
According to T-Mobile, the gang only had access to various internal systems that were not related to sensitive data, let alone customer data. Customers therefore need not fear that their data will soon be sold on the dark web.
T-Mobile also found no evidence after initial investigations that the intruder “could obtain anything of value,” a company spokesman said. “Our systems and processes worked as designed, the intrusion was quickly terminated and completed, and the compromised credentials used were rendered obsolete.”
Security expert and journalist Brian Krebs initially reported that the cybercriminals had stolen protected source code from T-Mobile. The company disagrees. Microsoft, Samsung, Nvidia, Ubisoft and Vodafone were also victims of the Lapsus$ group in the recent past, before law enforcement briefly stopped the group. Lapsus$ is now active again.