The breach’s significance has been downplayed by the business.
Although T-Mobile has revealed that its digital premises were infiltrated by the renowned Lapsus$ hackers, the telecoms company downplayed its impact on its customers.
Hackers were reportedly unable to glean any important information from the intrusion, according to BleepingComputer’s report.
‘Our monitoring tools discovered a bad actor using stolen credentials to access internal networks that hold operational tool software a few weeks ago,’ a T-Mobile representative told the outlet.
stealing the code for a programme
This time, T-Mobile went much more information about exactly what the attackers were able to access and how they reacted.
‘The systems visited included no customer or government information or any similarly sensitive information, and we have no indication that the intruder was able to get anything of value,’ said the organisation.”…
System and process failures were quickly remedied and compromised credentials were deemed obsolete since everything performed as expected.
Other publications, on the other hand, provide contradicting accounts of the stolen data’s nature.
Leaked chat logs purportedly depicting a dialogue between members of Lapsus$ reveal that the organisation has stolen T-Mobile source code, according to a claim from security expert Brian Krebs. Source code repositories belonging to more than 30,000 endpoint devices, according to the research.
An internal T-Mobile management tool called Atlas, as well as business Slack and Bitbucket accounts have also reportedly been seized by this organisation.
In addition, the article says it is unknown why someone would want to steal source code, but Krebs hypothesises that it may be for extortion or to make money on the black market.
During the last four years, T-Mobile has acknowledged seven data breaches, including one in which threat actors gained access to the data of 3% of the company’s whole user base.
Customer complaints about “unblockable” SMS-based phishing assaults have recently been reported to the FBI, which is tied to one of the previous breaches.