Telus Corporation and Telus Digital: Telus Digital confirms hack as ShinyHunters claims credit for massive data theft

ShinyHunters Claims Massive Breach of Telus Digital, Exposing Customer Data

Hackers breached Telus Digital, a Canadian process-outsourcing subsidiary of Telus Corporation, potentially accessing sensitive data from major clients in telecommunications, financial services, healthcare, and media. The company confirmed the incident late last week, stating that business operations remain unaffected and no service disruptions have been reported. Additional security measures have since been implemented.

While Telus Digital has not disclosed the full scope of compromised data, the ShinyHunters cybercrime group claimed responsibility, alleging the theft of 1 petabyte of data. Samples shared with Reuters and BleepingComputer included personally identifiable information (PII) and call-center recordings from at least two dozen business customers. The hackers reportedly gained access using Google Cloud Platform credentials stolen from a 2025 Salesloft breach, demonstrating the lingering risks of past cyberattacks.

Telus Digital maintains that the breach did not extend to other Telus Corporation divisions, such as its wireless, broadband, or health-technology units. However, Reuters reported that the stolen data may include FBI background check information and source code from multiple business lines. The company is collaborating with law enforcement and cybersecurity experts to investigate and will notify affected customers.

If confirmed, this incident would be the latest in a series of high-profile attacks by ShinyHunters, a group active since 2020. Recent targets include Panera Bread, Wynn Resorts, and Odido, with stolen data often leaked on the dark web. The breach underscores how past cyber incidents can fuel future attacks through compromised credentials.

Source: https://www.cybersecuritydive.com/news/telus-digital-cyberattack-shinyhunters/814817/

TELUS Digital cybersecurity rating report: https://www.rankiteo.com/company/telus-digital

"id": "TEL1773678226",
"linkid": "telus-digital",
"type": "Breach",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Major clients in '
                                              'telecommunications, financial '
                                              'services, healthcare, and media',
                        'industry': 'Process Outsourcing',
                        'location': 'Canada',
                        'name': 'Telus Digital',
                        'type': 'Subsidiary'}],
 'attack_vector': 'Compromised credentials (Google Cloud Platform)',
 'customer_advisories': 'Notification to affected customers planned',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally identifiable '
                                              'information (PII)',
                                              'Call-center recordings',
                                              'FBI background check '
                                              'information',
                                              'Source code']},
 'description': 'Hackers breached Telus Digital, a Canadian '
                'process-outsourcing subsidiary of Telus Corporation, '
                'potentially accessing sensitive data from major clients in '
                'telecommunications, financial services, healthcare, and '
                'media. The ShinyHunters cybercrime group claimed '
                'responsibility, alleging the theft of 1 petabyte of data, '
                'including personally identifiable information (PII) and '
                'call-center recordings. The breach was reportedly achieved '
                'using Google Cloud Platform credentials stolen from a 2025 '
                'Salesloft breach.',
 'impact': {'data_compromised': '1 petabyte of data',
            'identity_theft_risk': 'High (PII exposed)',
            'operational_impact': 'No service disruptions reported',
            'systems_affected': 'Telus Digital (process-outsourcing '
                                'subsidiary)'},
 'initial_access_broker': {'entry_point': 'Google Cloud Platform credentials'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'root_causes': 'Compromised credentials from prior '
                                           'breach (Salesloft 2025)'},
 'references': [{'source': 'Reuters'}, {'source': 'BleepingComputer'}],
 'response': {'communication_strategy': 'Notification to affected customers '
                                        'planned',
              'containment_measures': 'Additional security measures '
                                      'implemented',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'Cybersecurity experts'},
 'threat_actor': 'ShinyHunters',
 'title': 'ShinyHunters Claims Massive Breach of Telus Digital, Exposing '
          'Customer Data',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Stolen credentials from 2025 Salesloft breach'}