T-Mobile systems have been hacked by the Lapsus$ hacking group and stolen its source code in breaches that happened in March as reported by KrebsonSecurity.
T-Mobile confirmed the attack on it’s systems and says the accessed system doesn’t contain any customer or government information or any other sensitive information.
In the copies of telegram chats obtained by Kerbs, Lapsus$ hacking group discussed targeting the T-mobile system a week prior to the arrest of its members.
Lapsus$ group is known for stealing the data and demanding a ransom to not publish in public or sell to others.
The messages in the telegram show Lapsus$ continuously targeted the T-Mobile employees to access their internal company tools. If they have got access to the internal tools then they can do hassle-free SIM Swaps.
These unauthorized SIM swaps may lead the attackers to intercept the calls and messages which can include OTPs and other sensitive data which can lead to huge losses.
On March 19, 2022, the logs and screenshots shared in the group shows that Lapsus$ gained access to one of the powerful internal tool for managing customer accounts.
Later to the gaining access to the T-Mobile internal tool atlas, they started to look up for T-Mobile accounts associated with the FBI and the Department of Defense. As these details require additional verification, they could not be processed.
Lapsus$ is known for primarily targets the source code of large technology companies like Samsung, Microsoft, Nvidia, and more.