Telus Digital Confirms Data Breach After Hacker Claims 1 Petabyte Theft


Telus Digital has confirmed that it experienced a significant data breach, allegedly resulting in the theft of nearly 1 petabyte of data. Threat actors known as ShinyHunters claimed responsibility for this extensive attack, which compromised customer data related to Telus’ business process outsourcing (BPO) operations and telecommunications records.

Details of the Data Breach

The breach reportedly occurred over several months, raising serious concerns for Telus Digital, the outsourcing branch of the Canadian telecommunications giant Telus. This unit provides various services, including customer support and AI data management, making it an appealing target for cybercriminals.

Impact of the Breach

  • ShinyHunters reportedly accessed sensitive customer data, call records, and operational metrics.
  • The breach also affected Telus’ consumer telecommunications division.
  • Initial investigations indicate extensive unauthorized access to company systems.

In response, Telus Digital engaged cybersecurity experts to investigate the breach and implement additional security measures. The company reassured customers that all operations remain uninterrupted and that customer data security is a top priority.

Methods of the Attack

According to reports, ShinyHunters exploited credentials obtained from a previous data breach involving Salesloft Drift. These credentials facilitated unauthorized access to Telus’ systems via the Google Cloud Platform. That access allowed the actors to leverage tools like trufflehog to find further credentials and expand their access.

Types of Stolen Data

ShinyHunters claims the stolen data includes:

  • Customer support records and call center operations.
  • Financial information and source code.
  • FBI background checks and AI support tools.
  • Telecommunications data including call records and voice recordings.

Ongoing Investigations and Response

Telus Digital is cooperating with law enforcement to address the breach. The company is also in the process of notifying affected customers as investigations progress. ShinyHunters initially demanded a ransom of $65 million, though Telus has not engaged with the threat actors.

Who are ShinyHunters?

The ShinyHunters group has gained notoriety for targeting multiple high-profile organizations, including Google and Cisco. Their recent tactics include sophisticated phishing attacks aimed at stealing credentials and accessing critical business applications across cloud services.

The Telus Digital breach highlights growing vulnerabilities in BPO services and underscores the need for enhanced cybersecurity measures. As this situation develops, further updates on the investigation and its findings are anticipated.