Key Findings

* ShinyHunters claims to have stolen approximately 1 petabyte of data from Telus Digital

* Breach discovered through stolen Google Cloud Platform credentials from a previous Salesforce-related hack

* Telus confirms unauthorized access to internal systems

* No disruption to customer services reported

* Investigations and forensic analysis are ongoing

Background

Telus Digital, a subsidiary of Canadian telecommunications giant Telus, provides business process outsourcing (BPO) services to companies worldwide. The company offers customer support, content moderation, and AI data services across multiple industries. As a BPO provider handling sensitive customer information for numerous clients, the organization represents an attractive target for cybercriminals seeking large-scale data theft.

Breach Methodology

The ShinyHunters group alleges they gained initial access through Google Cloud Platform credentials discovered in previously stolen Salesforce data from the Salesloft Drift breach. Using these credentials, they accessed Telus systems, including a large BigQuery instance. The hackers then utilized the cybersecurity tool trufflehog to search for additional credentials, allowing them to pivot and expand their access across multiple Telus systems.

Data Stolen

According to ShinyHunters, the stolen data includes:

* Customer support recordings

* Internal computer source code

* Employee records

* Potentially sensitive information from 28 unnamed client companies

Company Response

Telus has:

* Confirmed the security incident

* Engaged cyber forensics experts

* Initiated cooperation with law enforcement

* Assured that business operations remain fully functional

* Begun notifying potentially impacted customers

Threat Actor Context

ShinyHunters has a documented history of high-profile data breaches, including:

* October 2025: Theft of nearly 1 billion records from 39 companies

* January 2026: Data leaks from SoundCloud and Crunchbase

* February 2026: Attack on Odido (Netherlands mobile operator)

* Recent large-scale data theft targeting Salesforce environments

Potential Impact

While the full extent of the breach is still under investigation, the massive scale of data theft (potentially 1 petabyte) suggests significant potential for corporate and personal information exposure. The incident underscores the critical importance of robust cybersecurity measures, especially for organizations handling sensitive customer and client data.

Sources

• https://hackread.com/shinyhunters-1-petabyte-data-breach-telus-digital/

• https://www.bleepingcomputer.com/news/security/telus-digital-confirms-breach-after-hacker-claims-1-petabyte-data-theft/

• https://www.reddit.com/r/pwnhub/comments/1rtnsm1/shinyhunters_claims_1_petabyte_data_theft_from/

• https://databreaches.net/2026/03/12/telus-digital-confirms-breach-after-shinyhunters-claims-1-petabyte-data-theft/