T-Cellular has denied it was breached or that supply code was stolen after a menace actor claimed to be promoting stolen information from the telecommunications firm.
“T-Cellular methods haven’t been compromised. We’re actively investigating a declare of a problem at a third-party service supplier,” T-Cellular shared in an announcement to BleepingComputer.
“We’ve no indication that T-Cellular buyer information or supply code was included and might verify that the dangerous actor’s declare that T-Cellular’s infrastructure was accessed is fake.”
This assertion comes after IntelBroker, a well-known menace actor linked to quite a few breaches, claimed to have breached T-Cellular in June 2024 and stolen supply code.
To show that the info is genuine and originates from a current cyberattack, IntelBroker printed a number of screenshots displaying entry with administrative privileges to a Confluence server and the corporate’s inner Slack channels for builders.
IntelBroker describes the info they’re promoting as “Supply code, SQL recordsdata, Pictures, Terraform information, t-mobile.com certifications, Siloprograms.”
supply: BleepingComputer
Nevertheless, a supply instructed BleepingComputer that the info shared by IntelBroker is definitely older screenshots of T-Cellular’s infrastructure posted to a third-party vendor’s servers, the place it was stolen.
Whereas BleepingComputer is aware of the identify of this alleged service supplier, we is not going to be publicly sharing it till we will verify in the event that they had been breached.
Just lately, IntelBroker has been quickly releasing new information breaches, and if all of them used this cloud supplier, it may clarify the place all the info is coming from.
Primarily based on IntelBroker’s screenshots, the hacker had entry to a Jira occasion for testing functions as lately as this month.
It’s unclear how the hackers breached the supplier, however one of many leaked photos exhibits a seek for crucial vulnerabilities itemizing CVE-2024-1597, which impacts Confluence Information Middle and Server and has a severity rating of 9.8 out of 10.
Whether or not the third-party vendor was breached with this vulnerability is at present unknown.
BleepingComputer tried to contact IntelBroker about this incident however was unable to make contact.
T-Cellular has handled a number of cybersecurity incidents prior to now, this one being the third that has impacted the corporate in some method in lower than two years. On January 19, 2023, the telecommunications firm disclosed that hackers had stolen the non-public info of 37 million clients.
In Might 2023, the cellular telco revealed that information belonging to lots of of consumers had been uncovered to unknown attackers for greater than a month beginning in February of the identical 12 months.