Telus Digital Confirms Major Security Breach After ShinyHunters Claims 1 Petabyte Data Theft
Key Takeaways
- Telus Digital suffered a major breach affecting nearly 1 petabyte of data, with threat actors ShinyHunters exploiting credentials from the Salesloft Drift incident to gain initial access
- BPO providers are high-value targets for threat actors because compromising a single provider can provide access to sensitive data for dozens of downstream customers
- The attack chain involved credential harvesting and lateral movement through cloud infrastructure, demonstrating the importance of credential management and access controls
Summary
Telus Digital, the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, has confirmed suffering a significant cybersecurity incident following claims by threat actors ShinyHunters that they stole nearly 1 petabyte of data in a multi-month breach. The hackers allegedly gained initial access by exploiting Google Cloud Platform credentials discovered during the Salesloft Drift breach, then pivoted through Telus systems using credential harvesting techniques to exfiltrate massive amounts of data belonging to the company and its customers.
Telus acknowledged the breach in a statement to BleepingComputer, noting that it discovered unauthorized access to a limited number of systems and has since engaged forensic experts and law enforcement. The company stated that all business operations remain fully operational with no evidence of customer connectivity disruption. However, the incident raises serious concerns about the vulnerability of BPO providers, which are attractive targets for threat actors seeking to compromise multiple downstream customers through a single breach point.
ShinyHunters claims the stolen data includes customer information across 28 well-known companies that use Telus Digital for customer support and operational services. The threat actors reportedly demanded ransom, but sources indicate Telus declined to negotiate. While BleepingComputer could not independently verify the full scope of the breach, the incident underscores the cascading risk posed when major service providers handling sensitive customer data become compromised.
- The breach potentially impacts 28 well-known companies that rely on Telus Digital for customer support and business process outsourcing services



