T-Mobile officially admitted that Lapsus$ threat group was behind most of the intrusions at its internal system…

Continue reading
T-Mobile has revealed that the Lapsus$ extortion ring hacked into its network _" a few weeks ago"_ and got access to internal systems using stolen credentials.
After finding the security breach, the telecoms firm banned the cybercrime group's access to its network and disabled the credentials used in the intrusion.
The Lapsus$ hackers, according to T-Mobile, did not steal any critical customer or government information during the incident.
_"Several weeks ago, our monitoring tools discovered a rogue actor using stolen credentials to access internal networks that store operational tools software."_according to a spokeswoman of T-Mobile. _"We have no evidence that the intruder was able to get anything of value from the systems accessed, and we have no evidence that the intruder obtained any customer or government information or other similarly sensitive information."_
_"Our systems and processes performed as expected, the breach was quickly detected and stopped, and the compromised credentials were rendered useless."_
Following the study of hacked Telegram chat conversations between Lapsus$ gang members, independent investigative journalist Brian Krebs first revealed the incident.
According to Krebs, the fraudsters could obtain secret T-Mobile source code while within the mobile carrier's network.
T-Mobile has acknowledged six additional data breaches since last year, including one in which hackers gained access to the personal information of 3% of its customers.
Unknown threat actors obtained access to T-Mobile workers' email accounts in March 2020, a year after T-Mobile disclosed it had compromised prepaid consumers' data.
Hackers additionally gained access to consumer private network information (phone numbers, call history) in December 2020, and attackers gained unauthorized access to an internal T-Mobile application in February 2021.
Following a breach of T-testing Mobile's environments in August, attackers brute-forced their way into the network.
According to a VICE investigation, T-Mobile tried unsuccessfully to prevent the stolen data from being posted online after paying the hackers $270,000 through a third-party firm after the August 2021 breach.
After some of their stolen sensitive information turned up for sale on the dark web, the New York State Office of the Attorney General (NY OAG) alerted victims of T-August Mobile's data breach that they face elevated identity theft risks.
T-Mobile customers were also informed earlier this month by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) of an unblockable SMS phishing campaign likely targeting them using information obtained in previous data breaches.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation