Telus Digital confirms massive 1 petabyte data breach by hackers
VANCOUVER, CANADA — Canadian business process outsourcing (BPO) company Telus Digital confirmed it suffered a major cybersecurity breach after threat actors claimed to have stolen nearly 1 petabyte of data over several months, putting sensitive client and telecommunications information at risk, Ground News reports.
The attack, attributed to the notorious extortion group ShinyHunters, reportedly affected Telus Digital’s BPO operations—including customer support, call center outsourcing, and AI-powered moderation tools—as well as the company’s consumer telecommunications division.
ShinyHunters claims to have demanded US$65 million in exchange for not leaking the stolen data, although Telus reportedly did not engage with the extortion attempt.
How ShinyHunters breached Telus Digital systems
According to the report, the hackers gained initial access through Google Cloud Platform credentials obtained during the previous Salesloft Drift breach, which exposed Salesforce data for hundreds of companies.
ShinyHunters then used cybersecurity tools, including truffleHog, to locate additional credentials and move laterally across Telus systems, downloading extensive datasets.
The group claims the stolen data includes customer support tickets, call records, agent performance ratings, source code, financial information, FBI background checks, and voice recordings of support calls.
While the breach allegedly impacts at least 28 major client companies, independent verification of the full extent of the theft remains pending.
“TELUS Digital is investigating a cybersecurity incident involving unauthorized access to a limited number of our systems. Upon discovery, we took immediate steps to address the unauthorized activity and secure our systems against further intrusion,” Telus told BleepingComputer.
“All business operations within TELUS Digital remain fully operational, and there is no evidence of disruption to customer connectivity or services,” Telus added.
Rising cybersecurity risks for global BPO providers
ShinyHunters has emerged as one of the most prolific threat actors this year, heavily targeting software as a service (SaaS) environments such as Salesforce, Microsoft 365, Google Workspace, and Slack.
The group has been using voice phishing attacks, which they use to steal single sign-on accounts, thus increasing their threat against organizations that rely on cloud services globally.
The Telus Digital breach demonstrates how outsourced operations in the BPO industry face increasing security risks, as a single security breach can lead to multiple client data exposures.
As companies increasingly rely on cloud-based support and AI services, the need for rigorous cybersecurity practices and client transparency has never been higher.
The incident serves as a wake-up call for outsourcing providers worldwide, emphasizing that protecting client data is no longer optional but central to maintaining trust and operational stability in a highly interconnected industry.
