Narayan AmmachchiCanadian outsourcing firm TELUS Digital has confirmed that cybercriminals breached its network and accessed sensitive data.
The BPO company acknowledged the cyber incident nearly two months after BleepingComputer first reported the breach and the alleged data exposure.
The attack was carried out by a criminal group known as ShinyHunters in January this year.
However, the Canadian company has not disclosed the volume of data that may have been compromised. It said cyber security experts have been engaged to investigate the incident and that the firm is also coordinating with law enforcement authorities.
“All business operations within TELUS Digital remain fully operational, and there is no evidence of disruption to customer connectivity or services,” the company told the news outlet.
ShinyHunters, which claimed to have obtained 1 petabyte of data, has been active since around 2020 and is known for targeting SaaS platforms to steal large volumes of information.
According to reports, the group initially gained access using compromised Google Cloud Platform (GCP) credentials. These credentials were reportedly sourced from an earlier 2025 breach at Salesloft. Once inside the system, the attackers allegedly used tools such as TruffleHog to scan for additional secrets and credentials.
The intrusion was very much “disciplined,” according to analysts because it ran for months on end. Unlike rapid ransomware-style attacks, the operation appeared designed primarily for large-scale data exfiltration and leverage.
Some reports also indicate that ShinyHunters demanded a ransom of $65 million following the breach.
Add comment