The gang broke into the network provider’s systems several times in March, T-Mobile itself admits in a statement. According to the company, no customer data or other sensitive data was leaked.
About a week before seven of the members of Lapsus$ were arrested, they discussed a break-in on T-Mobile’s systems. That writes researcher Brian Krebs based on leaked chat messages. The burglary has now also been confirmed by T-Mobile itself.
Lapsus$ members are said to have purchased online logins from T-Mobile employees to perform SIM swaps through the company’s internal tools. With such a SIM swap, an attacker can take over someone’s mobile phone number to, for example, intercept messages from multi-step authentication.
In a statement to tech site The Verge, T-Mobile reports that its internal systems were addressed with stolen logins but quickly resolved the burglary. Lapsus$ is a gang of apparent teenagers who have been noticed in recent weeks with hacks from, among others, Okta, a maker of authentication software, but also Microsoft, Samsung and Nvidia.
