BotBeat
...
← Back

> ▌

Telus DigitalTelus Digital
POLICY & REGULATIONTelus Digital2026-03-13

Telus Digital Confirms Major Security Breach After ShinyHunters Claims 1 Petabyte Data Theft

Key Takeaways

  • ▸Telus Digital suffered a major breach affecting nearly 1 petabyte of data, with threat actors ShinyHunters exploiting credentials from the Salesloft Drift incident to gain initial access
  • ▸BPO providers are high-value targets for threat actors because compromising a single provider can provide access to sensitive data for dozens of downstream customers
  • ▸The attack chain involved credential harvesting and lateral movement through cloud infrastructure, demonstrating the importance of credential management and access controls
Source:
Hacker Newshttps://www.bleepingcomputer.com/news/security/telus-digital-confirms-breach-after-hacker-claims-1-petabyte-data-theft/↗

Summary

Telus Digital, the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, has confirmed suffering a significant cybersecurity incident following claims by threat actors ShinyHunters that they stole nearly 1 petabyte of data in a multi-month breach. The hackers allegedly gained initial access by exploiting Google Cloud Platform credentials discovered during the Salesloft Drift breach, then pivoted through Telus systems using credential harvesting techniques to exfiltrate massive amounts of data belonging to the company and its customers.

Telus acknowledged the breach in a statement to BleepingComputer, noting that it discovered unauthorized access to a limited number of systems and has since engaged forensic experts and law enforcement. The company stated that all business operations remain fully operational with no evidence of customer connectivity disruption. However, the incident raises serious concerns about the vulnerability of BPO providers, which are attractive targets for threat actors seeking to compromise multiple downstream customers through a single breach point.

ShinyHunters claims the stolen data includes customer information across 28 well-known companies that use Telus Digital for customer support and operational services. The threat actors reportedly demanded ransom, but sources indicate Telus declined to negotiate. While BleepingComputer could not independently verify the full scope of the breach, the incident underscores the cascading risk posed when major service providers handling sensitive customer data become compromised.

  • The breach potentially impacts 28 well-known companies that rely on Telus Digital for customer support and business process outsourcing services
CybersecurityPrivacy & Data

Comments

Suggested

LLM Agent EcosystemLLM Agent Ecosystem
RESEARCH

Researchers Expose Critical Payload-Less Attack on LLM Agent Supply Chains

2026-07-04
AppleApple
RESEARCH

Researchers Discover Six Vulnerabilities in Apple AirDrop and Google/Samsung Quick Share Protocols

2026-07-04
Trail of BitsTrail of Bits
OPEN SOURCE

Trail of Bits Brings Post-Quantum Cryptography to Python's Most-Downloaded Crypto Library

2026-07-04
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us