Cybersecurity | 3d ago | 2m | globeandmail.com

Telus Probes Cyberattack on Digital Unit by ShinyHunters

Telus Corp. is investigating a cybersecurity breach at its recently reacquired Telus Digital division, where hackers claiming to be ShinyHunters allegedly accessed systems and stole data. The telecom giant says all systems remain operational with no customer service disruptions reported.

Key Takeaways

  1. During the company's most recent earnings call, CEO Darren Entwistle discussed plans to integrate the digital arm's artificial intelligence and data capabilities throughout the organization, "enabling strategic cross-promotion" across Telus's entire business portfolio.
  2. According to technology publication BleepingComputer, which first reported the incident Thursday, ShinyHunters claims to have stolen nearly one petabyte of data during a multi-month breach.
  3. "They fundamentally don't understand what made the Russian ransom business model work, and victims don't get what they are promised, so Com extorters don't deserve a dime of your money," said Allison Nixon, chief research officer at security firm Unit 221B.

Telus Corp. is investigating a significant cybersecurity incident at its technology services division, involving unauthorized access by a criminal hacking group known as ShinyHunters.

The Vancouver-based telecommunications company confirmed that hackers gained entry to systems belonging to Telus Digital, its business outsourcing and technology arm. The company stated that a "limited number of systems" within the affiliate were compromised.

Telus has implemented measures to address the security breach and protect its infrastructure from additional intrusions. A company spokesperson emphasized that all systems within Telus Digital continue operating normally, with no evidence of service disruptions for customers.

According to technology publication BleepingComputer, which first reported the incident Thursday, ShinyHunters claims to have stolen nearly one petabyte of data during a multi-month breach. The group reportedly demanded ransom payment in exchange for not releasing the stolen information.

The breach affects Telus Digital, which provides various digital services including cloud computing, automation, and design solutions. Telus said it is collaborating with law enforcement agencies and monitoring the situation while notifying affected customers.

ShinyHunters has been connected to numerous recent attacks against major corporations, including Dutch telecommunications provider Odido. The group operates under multiple aliases, including "Scattered Lapsus Shiny Hunters," and maintains ties to an international cybercrime organization called "the Com."

Security experts strongly advise against paying ransoms to this particular group. "Categorically, paying Com ransomware groups is pointless. They fundamentally don't understand what made the Russian ransom business model work, and victims don't get what they are promised, so Com extorters don't deserve a dime of your money," said Allison Nixon, chief research officer at security firm Unit 221B.

Nixon noted that the group frequently employs intimidation tactics, "because they know the data theft isn't strong enough to speak for itself."

The FBI has characterized the Com as "a primarily English-speaking, international, online ecosystem comprised of multiple interconnected networks whose members, many of whom are minors, engage in a variety of criminal violations."

Attacks linked to ShinyHunters have led to multiple proposed class-action lawsuits against U.S. companies alleging inadequate data protection. These include cases against Wynn Resorts Ltd. involving 800,000 customer records, SoundCloud Inc. concerning 29.8 million accounts, and Mercer Advisors Inc. affecting over five million client records. None of these allegations have been proven in court.

Telus regained full control of its digital services division in September following a significant decline in the outsourcing unit's stock value. During the company's most recent earnings call, CEO Darren Entwistle discussed plans to integrate the digital arm's artificial intelligence and data capabilities throughout the organization, "enabling strategic cross-promotion" across Telus's entire business portfolio.

The incident highlights ongoing cybersecurity challenges facing major telecommunications and technology companies as criminal groups continue targeting sensitive customer data and business operations.