Telus Digital, the digital services and business process outsourcing (BPO) arm of the Canadian telecommunications provider Telus, has confirmed a security incident following claims of a massive data theft. The ShinyHunters extortion group claims to have breached the company using Google Cloud Platform credentials discovered in data stolen during a previous third-party incident. By pivoting through the company’s network using compromised credentials, the threat group allegedly accessed numerous internal systems and is currently demanding a $65 million ransom to prevent the public release of the information.
According to the actor, the allegedly compromised data includes nearly 1 petabyte of information impacting Telus’ internal operations, consumer telecommunications division, and at least 28 corporate customers. The allegedly stolen data includes:
-
Detailed call data records (time, duration, sender/receiver numbers, and call quality metadata)
-
Voice recordings of customer support calls
-
FBI background checks
-
Financial information
-
Source code
-
Salesforce data and customer support tickets
-
Agent performance ratings
-
Data from AI-powered customer support tools
-
Fraud detection, prevention, and content moderation records
