ShinyHunters Claims Massive Data Breach at Telus Digital

ShinyHunters Claims Massive Data Breach at Telus Digital

In March 2026, Telus Digital, a subsidiary of the Canadian telecommunications giant Telus, confirmed a significant cybersecurity breach. The hacking group ShinyHunters has claimed responsibility for the attack, alleging the theft of nearly 1 petabyte of sensitive customer data. This incident underscores the escalating threats posed by cybercriminal organizations targeting major corporations.

Details of the Breach

The breach is reportedly linked to the 2025 Salesloft Drift supply-chain attack, during which OAuth tokens were compromised. ShinyHunters claims to have utilized Google Cloud Platform (GCP) login credentials obtained from that earlier incident to infiltrate Telus systems. Once inside, the attackers accessed a BigQuery instance, scanned for further credentials, and expanded their access within the company's infrastructure.

According to reports, the stolen data encompasses a vast array of sensitive information, including customer personal details, financial records, and proprietary corporate data. The hackers have allegedly demanded a ransom of $65 million from Telus in exchange for deleting the stolen data. However, Telus has stated that it has not engaged with the extortion attempt.

Telus's Response

Telus Digital has initiated an internal investigation, collaborating with cybersecurity experts and law enforcement agencies to assess the full scope of the breach. The company has implemented additional security measures to prevent further unauthorized access and is in the process of notifying affected customers as more information becomes available.

Despite the breach, Telus maintains that its operations remain unaffected and that customer services continue to function normally. The company has emphasized its commitment to data security and is taking all necessary steps to address the incident.

Implications and Industry Reactions

This breach highlights the persistent and evolving threats posed by cybercriminal groups like ShinyHunters. The telecommunications industry, which handles vast amounts of sensitive customer data, remains a prime target for such attacks. Experts suggest that companies must continually assess and enhance their cybersecurity protocols to mitigate the risks associated with increasingly sophisticated cyber threats.

In response to the incident, cybersecurity professionals are urging organizations to review their security measures, particularly concerning third-party integrations and cloud-based services. The Telus breach serves as a stark reminder of the importance of robust security practices and the need for vigilance in the face of ongoing cyber threats.

For more detailed information on this incident, refer to the original report by TechRadar: TechRadar.