T-Cellular has denied it was breached or that supply code was stolen after a menace actor claimed to be promoting stolen information from the telecommunications firm.
“T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider,” T-Cellular shared in an announcement to BleepingComputer.
“We have no indication that T-Mobile customer data or source code was included and can confirm that the bad actor’s claim that T-Mobile’s infrastructure was accessed is false.”
This assertion comes after IntelBroker, a well-known menace actor linked to quite a few breaches, claimed to have breached T-Cellular in June 2024 and stolen supply code.
To show that the info is genuine and originates from a latest cyberattack, IntelBroker printed a number of screenshots exhibiting entry with administrative privileges to a Confluence server and the corporate’s inside Slack channels for builders.
IntelBroker describes the info they’re promoting as “Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms.”
Nevertheless, a supply instructed BleepingComputer that the info shared by IntelBroker is definitely older screenshots of T-Cellular’s infrastructure posted to a third-party vendor’s servers, the place it was stolen.
Whereas BleepingComputer is aware of the title of this alleged service supplier, we won’t be publicly sharing it till we are able to affirm in the event that they had been breached.
Just lately, IntelBroker has been quickly releasing new information breaches, and if all of them used this cloud supplier, it may clarify the place all the info is coming from.
Primarily based on IntelBroker’s screenshots, the hacker had entry to a Jira occasion for testing functions as just lately as this month.
It’s unclear how the hackers breached the supplier, however one of many leaked photos exhibits a seek for important vulnerabilities itemizing CVE-2024-1597, which impacts Confluence Knowledge Heart and Server and has a severity rating of 9.8 out of 10.
Whether or not the third-party vendor was breached with this vulnerability is at the moment unknown.
BleepingComputer tried to contact IntelBroker about this incident however was unable to make contact.
T-Cellular has handled a number of cybersecurity incidents up to now, this one being the third that has impacted the corporate in some method in lower than two years. On January 19, 2023, the telecommunications firm disclosed that hackers had stolen the private data of 37 million prospects.
In Might 2023, the cellular telco revealed that information belonging to lots of of shoppers had been uncovered to unknown attackers for greater than a month beginning in February of the identical 12 months.