T-Mobile’s code was stolen by the Lapsus$ hacking group in a series of breaches in March, as first reported by Krebs on Security. In a statement to The Verge, T-Mobile confirmed the attack and stated that the “systems accessed contained no customer or government information or other similarly sensitive information.”
The Lapsus$ hacking gang discussed attacking T-Mobile in the week preceding the arrest of seven of its adolescent members, according to copies of private communications recovered by Krebs. After acquiring workers’ credentials online, members may make SIM swaps using the company’s internal technologies, such as Atlas, T-customer Mobile’s management system. This form of attack includes moving a target’s phone number to a device owned by the attacker. The attacker can then acquire all texts or phone calls received by that person’s phone number, as well as any messages submitted for multi-factor authentication.