Telus Corp. T-T is investigating a cybersecurity incident at its recently reacquired technology business line involving unauthorized access by a criminal hacking and extortion group called ShinyHunters.
Telus said in a statement that a “limited number of systems” belonging to its affiliate, Telus Digital, were accessed.
The Vancouver-based telecom giant said it has taken steps to address the activity and secure its systems against further intrusion.
Telus Digital is the telecom’s business-outsourcing and technology arm. It provides a range of digital services, including for cloud, automation and design.
A company spokesperson said that all systems within Telus Digital remain fully operational, and that there was no evidence of disruption to customer services. The spokesperson said Telus is working with law enforcement and monitoring the situation and that it is notifying any affected customers.
The breach was first reported by technology news website BleepingComputer on Thursday.
According to BleepingComputer, ShinyHunters said it has stolen nearly one petabyte of data from Telus Digital, including a wide range of customer data, in a multimonth breach, and that it was demanding a ransom in exchange for not leaking the data.
The group behind the incident has been linked to a series of attacks in recent weeks targeting major companies, including Dutch telecom Odido.
The group uses a number of different names, including “ShinyHunters” and “Scattered Lapsus Shiny Hunters,” and is associated with an international cybercrime gang known as “the Com,” which is short for the Community.
Experts have cautioned against paying ransoms to the group, saying that its members have been known to re-extort victims who have already paid.
“Categorically, paying Com ransomware groups is pointless. They fundamentally don’t understand what made the Russian ransom business model work, and victims don’t get what they are promised, so Com extorters don’t deserve a dime of your money,” Allison Nixon, the chief research officer at security firm Unit 221B, wrote on LinkedIn.
Ms. Nixon wrote that the group often resorts to tactics such as threats and harassment, “because they know the data theft isn’t strong enough to speak for itself.”
The FBI has described the Com as “a primarily English-speaking, international, online ecosystem comprised of multiple interconnected networks whose members, many of whom are minors, engage in a variety of criminal violations.”
Several U.S. companies are facing proposed class-action lawsuits that allege they did not adequately protect customer data from cyberattacks attributed to ShinyHunters.
One suit, filed in Nevada in February against hotel and casino operator Wynn Resorts Ltd., alleges that ShinyHunters stole more than 800,000 customer records.
Another, filed the same month in the Southern District of New York against music streaming company SoundCloud Inc., alleges ShinyHunters stole information from more than 29.8 million accounts.
And a proposed class action filed in March in Colorado against financial-planning company Mercer Advisors Inc. says ShinyHunters accessed more than five million records belonging to the company’s clients.
None of the allegations have been proved in court.
Telus took back control of its Telus Digital affiliate last September after its outsourcing arm’s share price plummeted.
Speaking to analysts during the company’s last earnings call, Telus chief executive officer Darren Entwistle said the company was integrating the digital arm’s AI and data capabilities across the business, “enabling strategic cross-promotion” throughout its entire portfolio.
With a report from Reuters