Hackers Gained Access To T-Mobile VPNs, Customer Service, And Source Code
from the you'r-e-not-very-good-at-this dept
U.S. wireless company T-Mobile hasn’t had what you’d call a stellar track record on privacy or security. Last year, the company was forced to acknowledge that hackers had obtained the personal details (including social security numbers) of more than 53 million T-Mobile customers, the sixth time the company had been meaningfully compromised in as many years.
Last week, the company was forced to acknowledge that the Lapsus$ hacking group stole T-Mobile’s source code in a series of breaches that took place in March. While no consumer data was obtained (that we know of; these breaches always wind up being much worse than originally acknowledged), hackers obtained source code on numerous company projects thanks (in part) to human engineering:
The logs indicate LAPSUS$ had exactly zero problems buying, stealing or sweet-talking their way into employee accounts at companies they wanted to hack.
Several teen members of the group were arrested in London last month. The group was one of several hacking organizations that had easily targeted T-Mobile to engage in SIM swapping or SIM hijacking, the act of bribing employees to help them port a user’s cell number right out from beneath them, opening the door to all kinds of surveillance and identity or cryptocurrency theft.
SIM hijacking has become a big enough problem in recent years to gain the attention of prominent lawmakers like Senator Ron Wyden. Though this only occurred after years of consumer complaints and several major lawsuits against T-Mobile by major cryptocurrency investors who say they lost millions to the scams.
Public Telegram chat logs (a major reason for the group’s unraveling) document how it obtained T-Mobile VPN credentials, had access to numerous T-Mobile employee accounts and Atlas, a powerful internal T-Mobile tool used for managing customer accounts. The group also (unsuccessfully) tried to use their access to compromise T-Mobile accounts associated with the FBI and Department of Defense.
While again, this didn’t include the group gaining access to consumer accounts (that we know of), it’s still an ugly look for T-Mobile, and likely could have set the stage for other, successive intrusions. Granted this is all before mentioning that T-Mobile has also repeatedly made headlines over the last few years thanks to its over-collection of consumer location data it similarly failed to adequately secure.
Filed Under: consumer privacy, department of defense, fbi, hacking, lapsus$, privacy, sim hijacking, sim swapping, telecom, vpn
Companies: t-mobile
Comments on “Hackers Gained Access To T-Mobile VPNs, Customer Service, And Source Code”
Not being fully online for years, I didn’t know about the previous breaches of T-Mobile security, so I went with Tesco Mobile rather than EE for a totally different reason. And now am I ever glad I did!
Re:
Not that the issues aren’t relevant, but the US T-Mobile network probably doesn’t have much to do with the European and UK networks outside of the brand name. There may be some overlap, but I suspect a lot of the issues described are restricted to the US.
Someone please correct me if I’m wrong, but that’s been my general impression with their woes over there.
Re: Re:
There’s this: https://www.heraldscotland.com/news/19281640.ee-sky-virgin-media-talktalk-vodafone-millions-at-hacking-risk-outdated-routers-warning/ I found it by searching ‘EE hack’.
Cite quote sources
Disingenuous to quote from Krebs but not make clear from whom you quoted.
Re:
Disingenuous to claim that was a quote from Krebs, rather than a quote from an article summarizing more through claims made by krebs.
Re: Re:
A good level of reading comprehension makes it clear that the “quote from Krebs” line was referring to the response, not the quotation from the article. I guess Autie’s not your only target, huh.
“The group also (unsuccessfully) tried to use their access to compromise T-Mobile accounts associated with the FBI and Department of Defense.”
Because they have been so honest after all the other times they fscked up.
T-Mobile
Somebody isn’t hacking T-Mobile T-Mobile is doing the hacking because it happened to me Wednesday November 9 shut down to make calls blocked all my connections to contact sprint change my model number for my phone serial number for my phone changed my account to expired change network not available and changed all. The mid numbers sim number vin number not available they took over my phone threatening me scaring me harassing me for 3 days wanting my PIN number they stole my identity I need help I don’t know what to do
Network hacking to gain customer
What is happening to is unbelievable and has to do with merger between sprint and T-Mobile and T-Mobile is hacking sprint customers to gain control they have be stopped look at T-Mobile records for all their hacking it’s T-Mobile doing the hacking