T-Mobile hit by privacy breaches by ransomware group Lapsus$

51

Multiple security breaches allowed cybercriminal group Lapsus$ to steal T-Mobile’s source code, says KrebsOnSecurity.

Image: mandritoiu/Adobe Stock

T-Mobile fell victim to a series of data breaches carried out by cybercrime group Lapsus$ in March. In a Friday post, security site KrebsOnSecurity revealed leaked chat messages between members of the Lapsus$ gang, in which they discussed attacking T-Mobile employees using social engineering tactics aimed at gaining them access to a victim’s cell phone number provide. Known as SIM swapping, this tactic reassigns a phone number to an attacker’s device, allowing them to intercept text messages and phone calls to reset passwords and multi-factor authentication codes.

SEE: Mobile Device Security Policy (TechRepublic Premium)

Using T-Mobile VPN credentials purchased on the Dark Web, Lapsus$ members were able to gain access to Atlas, a T-Mobile tool…



Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.