Telus Digital confirmed a security incident after threat actors claiming to be ShinyHunters said they had stolen nearly 1 petabyte of data in a multi-month breach. Telus is investigating, has engaged cyber forensics and law enforcement, and says its business remains fully operational while it notifies impacted customers as appropriate.
Key points
- ShinyHunters claims to have exfiltrated nearly 1 petabyte of Telus Digital and customer data.
- Attackers say they used Google Cloud Platform credentials found in the Salesloft Drift breach to access Telus systems.
- Allegedly stolen data includes call records and voice recordings, Salesforce data, source code, background checks, and financial information.
- Telus reports no disruption to customer connectivity, has implemented additional security measures, and is working with forensics and law enforcement.
- ShinyHunters has a track record of cloud SaaS breaches and has used vishing and device-code techniques to hijack SSO accounts.