1,000TB of Data Stolen: Telus Digital Suffers Major Security Incident
In a recent security breach, Telus Digital, a subsidiary of Canadian telecom giant Telus, has reported a significant data theft incident. According to reports, hackers, known as ShinyHunters, have stolen nearly 1,000 terabytes (TB) of data over several months. This massive data breach has left the company and its customers reeling, with potential implications for the broader cybersecurity landscape.
The breach, which was first reported by BleepingComputer, is believed to have begun several months ago, with the hackers gaining access to Telus Digital's systems using stolen Google Cloud Platform credentials from a previous breach at Salesloft Drift. The hackers then used a cybersecurity tool called trufflehog to download additional data from the Telus system. According to ShinyHunters, the stolen data includes customer information, call records, and other sensitive data from companies that outsource customer care to Telus Digital.
The data stolen by ShinyHunters is vast, with claims of stolen customer data, call records, source code, FBI background checks, financial information, and even voice recordings of support calls. The hackers also claim to have accessed data from 28 well-known companies, although the publication has not been able to independently confirm the extent of the breach. The impacted companies include Telus communications services, such as its consumer-fixed line business, which includes call records, voice recordings, and campaign data.
In February, ShinyHunters attempted to extort Telus, demanding $65 million in exchange for not leaking the company's data. However, Telus has not responded to their demands. The company has confirmed that it is investigating the breach and has taken immediate steps to address the unauthorized access to its systems. Telus Digital is working with cyber forensics experts and law enforcement to investigate the breach and has implemented additional security measures to safeguard its systems.
While this breach is concerning, it is not the first time a Canadian telecom has been targeted by hackers. The Canadian Centre for Cyber Security has noted that the People's Republic of China has launched state-sponsored cyber attacks against Canadian telecoms in the past. Similarly, Rogers was compromised in 2020. However, the scale and scope of this breach make it a significant wake-up call for companies and individuals alike.
In conclusion, the recent data breach at Telus Digital serves as a reminder of the importance of robust cybersecurity measures and the need for companies to stay vigilant in the face of increasingly sophisticated threats. As the cybersecurity landscape continues to evolve, it is essential for companies and individuals to prioritize their online security and take proactive steps to protect themselves against potential threats.
Keywords: cybersecurity, data breach, hacking, Telus Digital, ShinyHunters, Google Cloud Platform, trufflehog, Salesloft Drift, Canadian Centre for Cyber Security, Rogers, People's Republic of China.