One of the biggest data breaches on record recently occurred at Telus Digital services in Canada. Over the course of several months, a huge amount of data was compromised, and only when it was brought to the company's attention was the breach stopped. The hack revealed that many companies are still not entirely safe with their legacy systems.
On March 12th, Telus Digital, the digital services arm of the Canadian telecommunications company Telus, revealed that its network had been compromised as early as January, perhaps even earlier. According to BleepingComputer, the perpetrators were the group called ShinyHunters. “ShinyHunters says that they discovered Google Cloud Platform credentials for Telus in the Drift data and used them to access numerous company systems, including a large BigQuery instance.
After downloading this data, the threat actors said they used the cybersecurity tool trufflehog to search within it for additional credentials that allowed them to pivot into other Telus systems and download further data.
In all, ShinyHunters claims to have stolen close to 1 petabyte of data belonging to the company and many of its customers, many of whom use Telus Digital as a BPO provider for customer support operations. BleepingComputer has not been able to independently confirm the total size of the stolen data.”(1)
ShinyHunters told BleepingComputer that it was able to hack Telus after it found the company’s Google Cloud Platform credentials in the massive haul of data it stole from Salesloft in 2025. ShinyHunters also shared a sample of stolen Telus data with BleepingComputer, which confirmed that it included call-center records.(2)
The fact that the attackers were able to obtain the credentials and the company didn’t change them is a vast oversight on the part of that company. In any circumstances, the first thing to do once a breach is identified is to remove or reset any credentials in that system. That the attackers were able to do this for 6 months means the company not only didn’t notice it but also did not have protocols in place to reset passwords, which is extremely concerning for a company that handles data.
This underscores a different issue. Hackers are now getting better at being trusted by the various systems. This isn’t phishing, where they’re looking for credentials by tricking you. They already have the credentials they need; the issue becomes gaining the trust. Fritz Jean-Louis, principal cybersecurity advisor at Info-Tech Research Group, said the incident was not a perimeter failure, even though “when breaches of this magnitude occur, the instinct is often to ask which vulnerability was exploited and which malware got through.”
He added that the Telus Digital data theft “increasingly points to a different problem, in that attackers no longer need to ‘break in’ if they can blend in. The hallmarks of this breach, like the multi-month dwell time, massive data volumes, and delayed detection, suggest the abuse of legitimate access rather than overt technical exploitation.”
In other words, he said, the systems likely trusted the attacker, noting that, based on publicly available details, this incident aligns with a growing class of data-theft-first operations that include:
According to Jean-Louis, “this is not smash-and-grab ransomware. It is strategic, disciplined, and optimized for maximum leverage. The [attack] actually exposes a blind spot many organizations still have: [they] are good at detecting ‘bad behavior,’ but not abnormal trusted behavior.”(3)
The Telus Digital hack showed that hackers have gotten much better at hiding themselves in a company’s systems before being found out. The hackers were in the system for months, stealing data while acting like they were part of the company. The result was a petabyte of data being compromised across the company’s servers. This incident shows that even constant vigilance has its limits. Companies should be concerned about the credentials of everyone in the company and about how those credentials are protected in the long run. Multifactor authentication, password managers and even common sense can go a long way. But the fact is, hackers are now able to blend almost seamlessly into various networks.
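One way to look for the "abnormal trusted behavior" described above, as an added example that is not part of the original article: each identity's daily read volume is compared with that identity's own trailing baseline, so a valid credential that suddenly moves far more data than usual is flagged even though every request is authorized. The record layout, the account names `svc-etl` and `svc-reporting`, the thresholds and the sample values are all constructed for illustration.

```python
from collections import defaultdict, deque
from statistics import median

GIB = 1024 ** 3


def build_sample():
    """Constructed records (day, principal, bytes_read); not real log data."""
    rows = []
    for day in range(1, 11):
        # Batch job: large but steady reads every day.
        rows.append((day, "svc-etl", (500 + (day % 3) * 10) * GIB))
        # Reporting account: small reads, then bulk reads on days 9 and 10.
        small = (2 + day % 2) * GIB
        rows.append((day, "svc-reporting", small if day < 9 else 400 * GIB))
    return rows


def flag_abnormal(rows, window=7, min_history=5, k=6.0):
    """Return [(day, principal, bytes_read, baseline_median)] for outlier days."""
    history = defaultdict(lambda: deque(maxlen=window))
    alerts = []
    for day, who, nbytes in sorted(rows):
        past = history[who]
        if len(past) >= min_history:
            med = median(past)
            # Median absolute deviation: robust to a few odd days in the window.
            mad = median(abs(v - med) for v in past)
            # Floor the spread at 10% of the median so flat baselines still work.
            spread = max(1.4826 * mad, 0.10 * med)
            if nbytes > med + k * spread:
                alerts.append((day, who, nbytes, med))
                continue  # keep outliers out of the baseline during long dwell
        past.append(nbytes)
    return alerts


if __name__ == "__main__":
    for day, who, nbytes, med in flag_abnormal(build_sample()):
        print(f"day {day}: {who} read {nbytes / GIB:.0f} GiB "
              f"(baseline median {med / GIB:.0f} GiB)")
```

A fixed volume threshold would either miss the 400 GiB reads or alert on the batch job every day; the per-identity baseline flags only the account whose behavior changed.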
For more insight visit our website: https://www.axisins.com/