HQ/EMEAFind out how we can help your business
One of Canada’s biggest telecom provider companies, TELUS telecom, is investigating a possible data breach in their system after a threat actor published a sample of one of their employees’ data.
The alleged data breach actor posted screenshots showing the company’s private source code repositories and payroll records. The Canadian telecom provider has yet to discover evidence of missing retail customer or corporate data and continues to observe the potential incident.
TELUS telecom should investigate more as the alleged secret source code and employee data are now for sale.
According to a separate investigation, a threat actor claimed they were selling an employee list from the TELUS telecom on a data breach forum. The employee list includes names and email addresses from the company.
The researchers stated that the group had posted more than 76,000 unique emails and internal information linked to every employee from Telus’ API.
However, the researchers could yet confirm the authenticity of the threat actors’ claims but a small sample from the group included valid names and email addresses that match the current TELUS employees. Furthermore, most leaked details came from software developers and technical personnel.
The threat actors have organised a new data leak forum and are selling the TELUS private GitHub repositories, source code, and the company’s payroll logs.
The repositories contained the backend, frontend, middleware, AWS keys, Source code, Testing Apps, Google auth keys, Staging, and more. The seller further features the stolen source code that includes TELUS’ sim-swap-api, which could allow an attacker to execute a SIM swap campaign.
Cybersecurity experts explained that it is still too early to classify this attack as a complete data breach campaign despite the threat actors claiming their operators as a success. The company and other researchers should still investigate and confirm the accuracy of the adversaries’ claims.
On the other hand, TELUS employees and customers should be wary of phishing attempts or scam attacks that could target them since most of the company’s workforce is subject to the attack.
