The Canadian telecoms giant Telus is currently picking up the pieces after a massive security breach at its subsidiary, Telus Digital. The company, which provides customer support and business services to firms worldwide, confirmed on Thursday, 12 March 2026, that an unauthorised group had managed to get into some of its internal systems. Reportedly, hackers had been inside the network for quite some time.
While Telus hasn’t confirmed the exact scale of the theft, the group claiming responsibility, the ShinyHunters extortion gang, claims to have made off with a massive amount of data. They have told journalists the haul is at least 700 terabytes, though other reports suggest it could be as much as a full 1 petabyte. To put that in perspective, that is roughly enough data to fill a million high-definition feature films.
What has been affected?
A spokesperson for Telus stated that all business operations within the company remain fully operational and that there is no evidence of disruption to customer connectivity or phone services at this time. However, the statement did not confirm exactly what kind of data was stolen.
Samples shared with Reuters suggest the stolen information is very sensitive. It reportedly includes customer support recordings, secret computer code used to run company software, and employee records, including names and even FBI background check results. Telus has confirmed that they are now in the process of notifying any customers who have been personally affected.
A track record of global hacks
It is worth noting that ShinyHunters has a long and notorious history of targeting major brands. In October 2025, they were linked to a massive theft of nearly a billion records from 39 companies, including big names like GAP and Qantas.
In January 2026, they leaked data from SoundCloud and Crunchbase after their ransom demands were denied. They were also behind a campaign in February 2026 against Odido, the largest mobile operator in the Netherlands (formerly known as T-Mobile Netherlands), where they threatened to release millions of customer records.
Last week, ShinyHunters again made headlines after claiming responsibility for a new large-scale data-theft campaign targeting Salesforce environments. According to recent reports, the group alleges it has stolen data from around 400 organizations by abusing misconfigured Salesforce Experience Cloud portals and is now threatening to leak the information unless ransom demands are met.
The attackers reportedly used automated tools to scan publicly accessible portals and extract CRM data where guest user permissions were overly permissive, allowing them to access information without authentication. This history shows that the group often follows through on their threats when companies refuse to pay.
Deeba Ahmed
