Lapsus$ hacking group has hacked the mobile network of T-Mobile US, one of the top US telecom carriers.
The data breach gave Lapsus$ access to T-Mobile’s network by compromising employee accounts, either by buying leaked credentials or through social engineering, according to security journalist Brian Krebs.
“This gave the hackers access to T-Mobile’s internal tools, which the hackers used in an attempt to find T-Mobile accounts associated with the FBI and Department of Defense, but were blocked as the access needed additional checks,” TechCrunch reported.
T-Mobile said no customer or government information was accessed during the cyber security incident.
Brian Krebs said that the hackers were able to steal source code for a range of company projects.
“Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software,” T-Mobile said in a statement.
“Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.”
T-Mobile faced six other previous data breaches since 2018.
Lapsus$ hacking group earlier attacked top tech firms like Microsoft, Nvidia, Samsung and Vodafone.
Earlier this month, the City of London Police charged two teenagers with multiple cyber offences, just a week after they arrested seven individuals as part of its investigation into Lapsus$ hacking group.