
An attacker has leaked sensitive data from a Canadian telecommunications company and uploaded it to a hacker site.

Telus, one of Canada’s largest telecommunications companies, is purportedly experiencing a significant system breach. The company is looking into samples, said to be an employee list containing email addresses and names, that a threat actor released online on February 17th, 2023.

“TELUS employees [sic] from a very recent breach. We have over 76K unique emails, and on top of this, we have internal information associated with each employee scraped from Telus’ API,” states the forum post created by the threat actor.

On February 21st, the threat actor created another forum post, this time promoting the sale of TELUS’ private GitHub repositories, source code, and payroll data.

“In the repositories are the backend, frontend, middleware [information,] AWS keys, Google auth keys, Source Code, Testing Apps, Staging/Prod/testing, and more!” states the seller’s latest post.

The seller also bragged that the stolen source code included the company’s “sim-swap-API,” which would supposedly allow attackers to conduct SIM swap attacks.

Is this a “full breach,” as the threat actor has labelled it?

A Telus spokesperson told BleepingComputer, “We are investigating claims that a small amount of data related to internal TELUS source code and select TELUS team members’ information has appeared on the dark web.”

“We can confirm that to this point, our investigation, which we launched as soon as we were made aware of the incident, has not identified any corporate or retail customer data.”

Cyber analysts identified several variables that contributed to the trend, including the widespread usage of mobile devices for multi-factor authentication (MFA), the surveillance of targets as part of a state-funded geopolitical plan, and SIM-swapping attacks.
