Breaking news: Telus investigating sale of alleged code, employee information

Share post:

Someone on a criminal forum is selling what they claim is data on all Telus employees, as well as the Canadian telecommunications company’s GitHub software code repositories.

In response to an IT World Canada reporter’s query about the posting, Telus director of public affairs Richard Gilhooley said the company is looking into the allegation.

“We are investigating claims that a small amount of data related to internal Telus source code and select Telus team members’ information has appeared on the dark web,” he said in an email. “We can confirm that to this point our investigation, which we launched as soon as we were made aware of the incident, has not identified any corporate or retail customer data.”

The first dark web posting by someone named “Sieze” was made on Feb. 17. “Today we’re selling email lists of Telus employees from a very recent breach,” it says. “We have over 76k unique emails and on top of this have internal information associated with each employee scraped from Telus’ API.”

As proof, this posting includes what appears to be a list of Telus employee email addresses. It isn’t known if these are current or former staff — or even real.

A Feb. 21 posting adds, “We’re bringing you even more from the recent Telus breach!” The poster asks US$7K for the database file of “every person that works at Telus”; US$6K for a payroll file with 770 records of “all of the white collar workers … including the president of Telus”; and US$50K for all of the allegedly copied data, including a list of Telus private Github repositories, subdomains, and screenshots.

Interested buyers are asked to connect to one of two people on the Telegram messaging service.

It’s important to note that it’s not clear whether the data being sold is real, commented Brett Callow, a British Columbia-based threat analyst for Emsisoft. “That said, if it is real, this is a potentially serious incident which exposes Telus’ employees to increased risk of phishing and social engineering and, by extension, exposes the company’s customers’ to risk. The alleged exposure of the private Github repositories, supposedly including a sim-swap API, represents an additional tier of potentially significant risk.”

In 2020, a Telus division called Medisys Health Group was hit by a cyber attack involving customer data. At that time the company said it “securely retrieved the data by making a payment.”

The post Breaking news: Telus investigating sale of alleged code, employee information first appeared on IT World Canada.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways