Overview
- Telus confirmed unauthorized access to a limited number of systems and said it is notifying affected customers as its investigation progresses.
- The company reported no disruption to connectivity or services and said business operations remain fully functional.
- ShinyHunters claims to have taken 700 terabytes to nearly 1 petabyte of data and to have sought a $65 million payment in February, with no response from Telus reported.
- The group says it used Google Cloud credentials from the Salesloft/Drift breach to access Telus systems, including BigQuery, and then pivoted using additional secrets found with scanning tools.
- Samples shared with Reuters suggest exposure of personally identifiable information, call data and recordings, FBI background checks, and source code tied to at least two dozen companies, though the data’s full scope and authenticity remain unverified.