Tag Archive for: TMobile

Lapsus$ Hackers Targeted T-Mobile

/in


The Lapsus$ hacking group stole thousnads of user credentials using T-Mobile’s source code in a series of breaches that took place in March.  T-Mobile have confirmed that the hacking group gained access to their system “several weeks ago.” 

Lapsus$ is known for stealing data and then demanding a ransom not to publish or sell it. Lapsus$ is a cyber crime group that specialises in extortion attacks. It rose to prominence when it launched a ransomware attack against the Brazilian Ministry of Health in 2021, compromising sensitive data for millions of patients such as Covid-19 vaccine status.

T-Mobile stated that it mitigated the breach by terminating the hacking group’s access to the network and disabling the stolen credentials used in the breach.

The telecom company was responding to a report released by journalist Brian Krebs, who was able to access the internal chats from the private Telegram channel of the Lapsus$ members responsible for the attacks. Private chats uncovered by Krebs revealed that the Lapsus$ hacking group get hold of the T-Mobile VPN credentials on illicit platforms, including one known as Russian Market.  

Using these credentials Lapsus$ members can get access to the company’s internal tools like, Atlas an internal T-Mobile tool for managing customer accounts.

According to screenshot messages posted by Krebs, Lapsus$ hackers also attempted to break into the FBI and Department of Defense’s T-Mobile accounts. They were ultimately unable to do so, as additional verification measures were required. 

The attacks carried out by Lapsus$ are not sophisticated, usually initiated by the stolen credentials from underground marketplaces and then an attempt to bypass the multi-factor authentication using social-engineering schemes.

T-Mobile suffered several different data breaches since 2018, exposing the personal data of 23m customers in 2018. In 2019 1.26m prepaid customers were affected by a breach. In Aug 2021 T-Mobile suffered another data breach, where more than 40m customers were hacked and data stolen. Theses account belonged to former or prospective customer who had applied for credit with the company. 

The records of…

Source…

Bronx T-Mobile store workers use merchandise security tags to help NYPD track and arrest armed robber in Manhattan – New York Daily News

/in


Traceable electronic security tags on merchandise stolen from a Bronx cell phone store helped cops track down an armed robber after a wild chase Saturday on Manhattan’s Upper East Side, police said.

Two armed men ransacked a T-Mobile location on E. 149 St. near Union Ave. in Woodstock about 3:20 p.m., cops said.

One of the men fled on foot while the other drove off with the stolen goods in a gray BMW.

(File) Two armed men ransacked the T-Mobile location on E. 149 St. near Union Ave. in the Bronx on Saturday — and cops nabbed one of them with help from store workers and merchandise tracking devices. (Luiz C. Ribeiro/for New York Daily News)

Quick-thinking store employees began tracking the stolen electronics through security tags the thieves overlooked, police said.

Aided by the store workers and the trackers, cops followed the trail to the Upper East Side, where they soon found the BMW.

When they tried to pull over the car at E. 96 St. and Third Ave., the driver hit the gas, ramming a police vehicle as he tried to escape.

The crook made it just three blocks east when responding officers stopped the BMW on the southbound FDR Drive at E. 96 St.

The suspect ditched the BMW, ran one block up the highway, and tossed something into the East River before cops put him under arrest.

One of the arresting officers injured his wrist during the struggle.

The robber’s name and charges against him were not immediately released. His partner in crime was still being sought late Saturday.

The NYPD’s Harbor Unit and Aviation Unit were searching for the object he threw in the water Saturday evening.

Source…

T-Mobile Users Should Take Action After Data Hack, DC AG Warns

/in


DC Attorney General Karl Racine released a consumer alert, saying that victims of last year’s T-Mobile data breach should take necessary steps to avoid identity theft.

A large amount of personal information pertaining to T-Mobile users that was stolen in August 2021 was discovered to be for sale on the dark web, according to Racine’s statement issued on Wednesday, March 2.

Dark web is part of the internet, but requires specific software to access and is particularly popular among cyber criminals who seek to sell hacked information. 

T-Mobile announced on August 17, 2021, a massive data breach it suffered, saying that the sensitive personal data of millions of current, former, and prospective customers were compromised.

“The breach impacted more than 53 million individuals, including 243,680 District residents,” said the statement from Racine. “Among other categories of impacted information, millions had their names, dates of birth, Social Security Numbers, and driver’s license information compromised.”

Residents impacted by the cyber attack should place a fraud alert on their credit report, the Office of the Attorney General (OAG) said, adding that it would prompt lenders and creditors to take extra steps to verify the customer’s identity before issuing credit. 

To place a fraud alert, you can contact one of these credit companies:

+1 (888) 766-0008

+1 (888) 397-3742

+1 (800) 680-7289

You should also visit T-Mobile’s safety and identity theft protection webpage to learn more about common mobile fraud schemes and safety tips.

In addition, you can go to identitytheft.gov for assistance or contact OAG’s Office of Consumer Protection, if you believe you are a victim of identity theft.

Source…

T-Mobile and Deutsche Telekom launch IoT solution to simplify connectivity for enterprises

/in


T-Mobile US and Deutsche Telekom AG launched T-IoT, a comprehensive enterprise solution for global IoT connectivity, platform management and support.

T-Mobile Deutsche Telekom

With T-IoT, enterprises have one global team and one global solution to manage all their connections across borders! And it will be available across 188 destinations, on 383 networks worldwide.

“The Un-carrier rewrote the rules of wireless. Now, as America’s 5G leader, with the fastest, largest, and most reliable 5G network, we’re writing the rules of the 5G era, and we’re doing it in favor of customers and businesses,” said Mike Katz, President, T-Mobile Business Group. “With T-IoT and our award-winning networks, we’re poised to help businesses realize the true potential of IoT by completely disrupting the status quo of how IoT is purchased and managed.”

Unleashing the power of IoT

Despite all the excitement around IoT’s ability to make the connected world a reality, unlock valuable business insights, improve customer experience, cut operational costs, and boost efficiency—many enterprises haven’t fully captured value at scale from IoT. Why is this still happening in 2022? A major reason is that Carriers make enterprises jump through hoops to manage IoT connectivity globally. To deploy multinational IoT connections, enterprises have to cobble together a patchwork of operator agreements—all with different contracts, service level agreements, management interfaces, and customer support.

And 5G promises to take IoT to the next level, with cellular 5G IoT connections projected to make up 57 percent of all worldwide cellular IoT connections by 20251. With 5G’s ability to support low-latency, massive data use, and connect up to 100x more devices than 4G—enterprises have a HUGE opportunity to embrace new use cases and actionable data that will make the longstanding vision of 5G IoT a reality.

But the gap between the promise of 5G IoT and reality will be wide if managing all that connectivity and data remains unnecessarily complex.

Here’s why: Imagine millions of tracked assets moving across the globe. To stay connected to those assets, enterprises have to negotiate numerous contracts with multiple…

Source…