"L&M used a credential stuffing attack: using email addresses gleaned from massive breaches to gain access by repeatedly trying different email/password combinations."
"That's why it was so important that the new 5G mobile protocol be designed to foil IMSI catchers, and why the 3rd Generation Partnership Project, or 3GPP (the body standardizing 5G) updated the Authentication and Key Agreement (AKA) to resist IMSI catching techniques."