Telus confirms that Telus Digital has suffered a security incident after hackers reportedly stole nearly a petabyte (1,000TB) of data over several months. The Telus Digital arm of Telus provides customer support, content moderation, AI data services and other operational services to companies worldwide.
The hackers, known as ShinyHunters (likely Pokémon-related), claim to have stolen customer data related to Telus Digital operations, as well as call records from the Telus consumer division.
According to BleepingComputer, which first published information about the hack, they reached out to ShinyHunters and learned that the hackers used Google Cloud Platform credentials they learned in data stolen during a Salesloft Drift breach. From the Salesloft Drift breach, ShinyHunters was able to use the cybersecurity tool trufflehog to download even more data from the Telus system.
ShinyHunters told BleepingComputer that it has stolen close to one petabyte of data belonging to the company and many of its customers, even from clients who outsource customer care to Telus Digital. The hackers told BleepingComputer of 28 well-known companies that were impacted by the breach; however, the publication hasn’t been able to independently confirm whether they were impacted.
Further, the hackers say that a lot of the data that was stolen relates to outsourced services provided by Telus Digital, including customer support, call center outsourcing agent performance ratings, AI-powered customer support tools, fraud detection and prevention and content moderation solutions. They’ve also claimed to have stolen source code, FBI background checks, financial information, Salesforce data, and voice recordings of support calls for various companies. The breach also impacts Telus communications services, such as its consumer-fixed line business, which includes call records, voice recordings and campaign data.
BleepingComputer says that these call data records include when the call was placed, duration, number from, number to, and other metadata, such as call quality.
ShinyHunters tried extorting Telus in February, demanding $65 million in exchange for not leaking the company’s data; however, Telus hasn’t responded to their emails.
Telus Digital told BleepingComputer:
“Telus Digital is investigating a cybersecurity incident involving unauthorized access to a limited number of our systems. Upon discovery, we took immediate steps to address the unauthorized activity and secure our systems against further intrusion. We are actively managing the situation and continue to monitor it closely.”
Telus Digital is also working with cyber forensics experts to help with the investigation and with law enforcement. Further, it has implemented more security measures to safeguard its systems and will notify impacted customers as appropriate. There’s been no evidence of disruption to customer connectivity or services.
This isn’t the first time a Canadian telecom has been hacked, as the Canadian Centre for Cyber Security noted that the People’s Republic of China launched a state-sponsored cyber attack against Canadian telecoms back in 2025. Rogers was also compromised back in 2020.
Source: BleepingComputer
