Hackers Gained Access To T-Mobile VPNs, Customer Service, And Source Code

from the you'r-e-not-very-good-at-this dept

U.S. wireless company T-Mobile hasn’t had what you’d call a stellar track record on privacy or security. Last year, the company was forced to acknowledge that hackers had obtained the personal details (including social security numbers) of more than 53 million T-Mobile customers, the sixth time the company had been meaningfully compromised in as many years.

Last week, the company was forced to acknowledge that the Lapsus$ hacking group stole T-Mobile’s source code in a series of breaches that took place in March. While no consumer data was obtained (that we know of; these breaches always wind up being much worse than originally acknowledged), hackers obtained source code on numerous company projects thanks (in part) to human engineering:

The logs indicate LAPSUS$ had exactly zero problems buying, stealing or sweet-talking their way into employee accounts at companies they wanted to hack.

Several teen members of the group were arrested in London last month. The group was one of several hacking organizations that had easily targeted T-Mobile to engage in SIM swapping or SIM hijacking, the act of bribing employees to help them port a user’s cell number right out from beneath them, opening the door to all kinds of surveillance and identity or cryptocurrency theft.

SIM hijacking has become a big enough problem in recent years to gain the attention of prominent lawmakers like Senator Ron Wyden. Though this only occurred after years of consumer complaints and several major lawsuits against T-Mobile by major cryptocurrency investors who say they lost millions to the scams.

Public Telegram chat logs (a major reason for the group’s unraveling) document how it obtained T-Mobile VPN credentials, had access to numerous T-Mobile employee accounts and Atlas, a powerful internal T-Mobile tool used for managing customer accounts. The group also (unsuccessfully) tried to use their access to compromise T-Mobile accounts associated with the FBI and Department of Defense.

While again, this didn’t include the group gaining access to consumer accounts (that we know of), it’s still an ugly look for T-Mobile, and likely could have set the stage for other, successive intrusions. Granted this is all before mentioning that T-Mobile has also repeatedly made headlines over the last few years thanks to its over-collection of consumer location data it similarly failed to adequately secure.

Filed Under: , , , , , , , , ,
Companies: t-mobile

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Hackers Gained Access To T-Mobile VPNs, Customer Service, And Source Code”

Subscribe: RSS Leave a comment
PaulT (profile) says:


Not that the issues aren’t relevant, but the US T-Mobile network probably doesn’t have much to do with the European and UK networks outside of the brand name. There may be some overlap, but I suspect a lot of the issues described are restricted to the US.

Someone please correct me if I’m wrong, but that’s been my general impression with their woes over there.

Anonymous Coward says:


Somebody isn’t hacking T-Mobile T-Mobile is doing the hacking because it happened to me Wednesday November 9 shut down to make calls blocked all my connections to contact sprint change my model number for my phone serial number for my phone changed my account to expired change network not available and changed all. The mid numbers sim number vin number not available they took over my phone threatening me scaring me harassing me for 3 days wanting my PIN number they stole my identity I need help I don’t know what to do

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...