Canadian telecommunications company Telus is investigating a potential data breach after an alleged dark web vendor claimed to have access to employee information and code repositories from the company’s GitHub page. The posting claims that the seller scraped the company’s API and holds information on select Telus team members.
Telus, in response to the claim, confirmed that it is investigating and has not identified any corporate or retail customer data at risk. However, there is no way to confirm whether the data is legitimate.
The seller, under the pseudonym “Sieze”, has posted two listings, one on February 17 and the other on February 21. The first listing advertised emails of Telus employees, with internal information associated with each employee, while the second listing added a database file of every person who works at Telus and payroll files with 770 records of white-collar workers.
The seller has asked for $50k for all of the copied data, including a list of Telus private GitHub repositories, subdomains, and screenshots. The seller has also asked interested parties to connect with them on the Telegram messaging service.
The alleged exposure of private GitHub repositories, which reportedly include a sim-swap API, is a significant concern for the telecoms company. According to Brett Callow, a British Columbia-based threat analyst for Emsisoft, this exposes Telus’ employees to an increased risk of phishing and social engineering, and customers may also be at risk. However, it is important to note that the authenticity of the data has yet to be verified.
In conclusion, Telus is investigating an alleged data breach, and the authenticity of the data is yet to be verified. If the data is genuine, this could pose a serious risk to Telus employees and customers, and the company needs to take swift action to mitigate the potential fallout from the breach.