Lapsus$ Breaches T-Mobile | 20 Most Common Passwords Leaked | Five Affordable Cyber Security Best Practices for Small Businesses

May 3rd

Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group


Lapsus$ Breaches T-Mobile

It has been reported by KrebsOnSecurity that internal conversations at Lapsus$ Group, the week before some of the group's (alleged) members were arrested last month, indicated that the group had made multiple incursions into T-Mobile's systems.

From previous breaches, Lapsus$ exhibits a strong interest in source code. They compromised T-Mobile employee accounts either by social engineering or through buying them from Russophone initial access brokers. In the instance of T-Mobile, Lapsus$ was able to steal source code for a range of company projects.

T-Mobile told KrebsOnSecurity:

"Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software. The systems accessed contained no customer or government information or other similarly sensitive information, and we have no evidence that the intruder was able to obtain anything of value. Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.”

Lapsus$ members were found to continuously target T-Mobile employees. It was found that if the gang was cut off from an employee’s credentials, they’d just buy another one. Logs from March 19, 2022 show that Lapsus$ had gained access to Atlas, an internal T-Mobile tool for customer account management, and the gang attempted to access government accounts, but they required further verification. Eventually, the leader of Lapsus$ decided to cut the VPN connection completely, but they continued to steal source code. It is unclear why source code was the main target of the attacks.

Source - Lapsus$ Breaches T-Mobile - The Cyber Wire

Source - Lapsus$ Breaches T-Mobile - KrebsOnSecurity

Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete
T-Mobile statement

20 Most Common Passwords Leaked

According to the Identity Theft Resource Centre’s (ITRC) 2021 Annual Data Breach Report, data breaches are at an all-time high. There were 1,862 data breaches in 2021 — a 68% increase over breaches in 2020.

When data breaches happen, emails and passwords associated with online accounts are also commonly leaked, leaving users at risk of phishing scams or identity theft. According to Lookout, on average 80% of consumers have had their email leaked on the dark web.

In an article by Security Magazine, they list the top 20 most common passwords that have been found on the dark web due to data breaches. The most common passwords leaked are below:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 12345
  6. 12345678
  7. 111111
  8. 1234567
  9. 123123
  10. qwerty123
  11. 1q2w3e
  12. 1234567890
  13. DEFAULT
  14. 0
  15. Abc123
  16. 654321
  17. 123321
  18. Qwertyuiop
  19. Iloveyou
  20. 666666

More information can be found by checking out the full article by Security Magazine below.

Source - 20 Most Common Passwords Leaked - Security Magazine

Five Affordable Cyber Security Best Practices for Small Businesses

Rhett Buttle has published an article on Forbes highlighting the impact that attacks can have on small businesses. FireEye reports that 77% of all cybercrimes are directed towards small business, however only 42% of small business owners are concerned with cyber security.

According to the National Small Business Association, as many as 60% of small businesses that experienced a significant cyber breach will go out of business within six months. Because of this, Rhett lists the following five affordable best practices that small business owners can take to ensure they are protected.

  1. Update your security software
  2. Protect your files
  3. Create strong passwords and enable multi-factor authentication
  4. Secure your router
  5. Train your staff

More information on each of these five points can be found by checking out the full article by Rhett on the Forbes website which has been linked below, as well as more information on the research by FireEye and the National Small Business Association.

Source - Affordable Cyber Security Best Practices for Small Businesses - Forbes

Source - FireEye Report

Source - National Small Business Association Report

77% of all cybercrimes are directed towards small business, however only 42% of small business owners are concerned with cyber security
FireEye
If you want to get in touch then give us a shout