T-Mobile, one of the US’s largest telecommunications companies, reported that the malicious hacking group Lapsus$ attempted to gain access to its systems several weeks ago. The telecom giant responded to a report released by journalist Brian Krebs, who was able to access the internal chats from the private Telegram channel of the Lapsus$ members responsible for the attacks. T-Mobile stated that it mitigated the breach by terminating the hacking group’s access to the network and disabling the stolen credentials used in the breach.

Lapsus$ is a cybercrime group that specializes in extortion attacks. It rose to prominence when it launched a ransomware attack against the Brazilian Ministry of Health in 2021, compromising sensitive data for millions of patients such as Covid-19 vaccine status. In March, the City of London Police reportedly arrested several people suspected to have connections to the gang. Krebs allegedly uncovered private chats that revealed the group was able to obtain T-Mobile VPN credentials via an illicit marketplace. The company then attempted to use the credentials in an attack against T-Mobile.