Canadian telecommunications company Telus is investigating the possibility of it suffering a data breach. This comes after a threat actor who goes by the name "Seize" shared what they claim to be data of Telus employees.
On February 17, Seize posted Telus"s employee list (which included their email addresses) for sale on a dark web forum. "Today we’re selling email lists of Telus employees from a very recent breach," the post stated. "We have over 76k unique emails and on top of this have internal information associated with each employee scraped from Telus’s API."
While it is not yet known if the cybercriminal"s claims are accurate, technology news website BleepingComputer was able to confirm that the small information sample posted by the seller correspond to present-day Telus employees, such as technical staff and software developers.
A few days later, Seize posted on the forum again. But this time, they were selling Telus"s payroll databases, source codes, and GitHub repositories. The repositories are sold for as much as $50,000 and allegedly contain backend, frontend, and middleware information, Amazon Web Services and Google authentication keys, and testing apps, among other things.
"We are investigating claims that a small amount of data related to internal Telus source code and select Telus team members’ information has appeared on the dark web," a Telus spokesperson said in a statement. "We can confirm that to this point our investigation, which we launched as soon as we were made aware of the incident, has not identified any corporate or retail customer data."
This is not the first time that the telecom company was involved in a security incident. Back in September 2020, its healthcare provider Medisys reported a breach that affected 60,000 clients’ personal information.
Source: BleepingComputer