A teenage hacker group LAPSUS$ used stolen or purchased passwords infiltrate the company’s systems multiple times in March 2022. This goes to show why companies can no longer rely on password-based security measures   

What’s worse than a bunch of teenagers stirring up trouble with pranks? When those “idle hands” decide to use stolen or compromised employee credentials Ito steal a cellular provider’s source code and try to take over customers’ accounts. Unfortunately, that’s exactly what happened recently when the teenaged hacker group LAPSUS$ gained access to an unknown number of T-Mobile employees’ credentials and used them to access sensitive code and systems.

The attackers accessed the cellular company’s internal systems — including an internal software that controls SIM card porting — to try to “SIM swap” FBI and other government-related accounts. (“SIM swapping” occurs when an attacker ports the SIM card number from a legitimate mobile device to one they control to bypass multi-factor authentication [MFA] and gain unauthorized access to accounts associated with that phone number.)

Thankfully, the attackers were unsuccessful in gaining access to government accounts due to some secondary account permission requirements that were in place. But that’s not always going to be the case. Let’s explore what happened and why this incident serves as yet another example of why relying on traditional usernames and passwords (or even SMS-based MFA) can be a big risk for organizations and their customers.

Let’s hash it out.

The post Latest T-Mobile Attack Underscores Value of Pki Authentication appeared first on Hashed Out by The SSL Store™.