The Lapsus$ hacking group managed to steal T-Mobile’s source code in a series of breaches in March. While the systems were said to have contained no customer or government information, or sensitive information, they managed to affect many people.
After purchasing employees’ credentials online, hackers could use internal company tools to perform SIM swaps and hijack customers’ numbers. This allows for an attacker to receive calls or texts to that number, which could include MFA texts.
The same hackers had also attempted to crack into the FBI and Department of Defence’s T-Mobile accounts, according to further data. Despite not being able to do so due to MFA, it is a stark reminder that these groups can pose serious threats.
To keep yourself protected from threats like this, make sure to train your end-users and turn on extra authentication methods to prevent single passwords from providing access to hackers.