September 21, 2023

Canada’s largest telecommunications provider, Telus, is reportedly investigating a potentially major breach of its systems after a threat actor posted samples online.

The leaked data includes a sample of employee payroll records, source code from the telecom firm’s private GitHub repositories, and other information.

The database purported to contain the email addresses of every employee at Telus is been offered by the threat actor. The price for the database was $7,000. Another database, supposedly containing payroll information of the top executives at the telco, including its president, was available for $6,000.

Advertisements

The threat actor also offered for sale for $50,000, a data set that the person claimed included more than 1,000 private GitHub repositories belonging to Telus. The source code available for sale apparently included an API that would allow an adversary to do SIM-swapping.

As per the threat actor, one can get everything associated with Telus, including complete subdomain lists and screenshots of active sites. The authenticity is yet to be verified, and the breach is investigated.

If the breach at Telus happened as the threat actor claimed, it will be the latest in a string of attacks that have targeted telecom firms recently like Optus, Telestra, Dialog, and Singtel

Leave a Reply

%d bloggers like this: