Heimdal
Home > Cybersecurity News

Hackers Claim They Breached Telus, Canada’s Second-largest Telecom Company

Threat Actors Posted Online Samples of Source Code and Employee Data.

Last updated on February 24, 2023

article featured image

Contents:

Telus is now investigating the possibility of a data breach affecting its corporate data. The Canadian telecom company started looking for an incident after hackers posted samples of Telus’ information, as they pretend.

The sample contains employee data, source code, and payroll records. But, until now, the organization did not found proof of an attack.

What Data Is for Sale

The first post regarding Telus’ stolen data dates from February 17, 2023. Hackers posted on a data breach forum an employee list for sale. The list contains 76k email addresses and employee names.

“TELUS employes [sic] from a very recent breach. We have over 76K unique emails and on top of this, we have internal information associated with each employee scraped from Telus’ API,” reads the post, according to BleepingComputer.

It appears that the names from that first post are valid. They correspond with the organization’s employees, especially software developers and technical staff.

Hackers Claim They Breached Telus, Canada's Second-largest Telecom Company

Source

A second post followed, on February 21, 2023. The same threat actor posted for sale a sample with the company’s private GitHub repositories, source code, and payroll records. Cybercriminals are saying that the stolen source code can be used for SIM swap attacks.

Despite all this data being posted online, Telus can’t confirm the data breach yet. Internal investigations are ongoing, and specialists are also looking into a third-party vendor breach.

We are investigating claims that a small amount of data related to internal TELUS source code and select TELUS team members’ information has appeared on the dark web. We can confirm that to this point our investigation, which we launched as soon as we were made aware of the incident, has not identified any corporate or retail customer data.

Telus for BleepingComputer

As a precautionary measure, clients and employees are advised to be vigilant with any message they might receive. Phishing attacks might target them via email, text, or telephone.

If you liked this article, follow us on LinkedInTwitterFacebook, and YouTube for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.

Related Articles

Australia’s Largest Telecom Company Employees at Risk Following Telstra BreachEspionage Hacking Campaign Is Targeting Telecom OperatorsWhat Is a Data Breach and How to Prevent ItPhishing attacks explained: How it works, Types, Prevention and StatisticsWhat is SIM Swapping?

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE
linkedin
youtube
facebook
x

resources

company

newsletter

© 2024 Heimdal®

Vat No. 35802495, Vester Farimagsgade 1, 2 Sal, 1606 København V