What happened
Telus Digital confirmed it is investigating unauthorized access to a limited set of systems after threat actor group ShinyHunters claimed it stole nearly 1 petabyte of data during a multi-month intrusion.
Public reporting indicates alleged exposure across business process outsourcing (BPO) environments, including customer-support and call-center-related records.
Why this matters
BPO providers are high-value targets because one compromise can cascade into multiple downstream organizations.
Potential impact areas include:
- customer support metadata,
- authentication or operational workflow data,
- call records and related business telemetry.
Even when full exfiltration claims are unverified, confirmed unauthorized access at this scale should be treated as a major third-party risk event.
What defenders should do now
- Assess vendor exposure: identify whether your teams or business units depend on Telus Digital services.
- Rotate secrets and tokens: especially for integrations connected to support and CRM workflows.
- Review access logs: prioritize unusual OAuth/token usage and high-volume export activity.
- Harden identity controls: enforce phishing-resistant MFA for admin/support operations.
- Trigger third-party incident playbooks: legal, procurement, and security teams should coordinate customer-impact validation.
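For the log-review step, the sketch below is an added example, not code from Telus Digital or any vendor. It totals exported records per integration token and counts the distinct source networks each token was used from, then flags tokens that exceed either threshold. The field names, action names, thresholds, and log lines are all constructed assumptions; map them to whatever your support or CRM platform's audit log actually emits.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed sample audit events (one JSON object per line). The field names
# are assumptions, not the schema of any particular support or CRM platform.
SAMPLE_LOG = """\
{"token_id":"tok-support-1","src_ip":"203.0.113.10","action":"ticket.read","records":1}
{"token_id":"tok-support-1","src_ip":"203.0.113.11","action":"report.export","records":200}
{"token_id":"tok-crm-sync","src_ip":"198.51.100.5","action":"bulk.export","records":8000}
{"token_id":"tok-crm-sync","src_ip":"198.51.100.5","action":"bulk.export","records":7000}
{"token_id":"tok-crm-sync","src_ip":"192.0.2.77","action":"ticket.read","records":3}
this line is truncated {"token_id":
{"token_id":"tok-bi","src_ip":"203.0.113.50","action":"report.export","records":12000}
"""

EXPORT_ACTIONS = {"report.export", "bulk.export"}  # hypothetical action names


def triage(log_text, max_export_records=10_000, max_networks=1):
    """Return {token_id: [reasons]} for tokens that exceed either threshold."""
    exported = defaultdict(int)   # token -> total records exported
    networks = defaultdict(set)   # token -> distinct source /24s (IPv4 sample data)
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
            tok = ev["token_id"]
            net = ipaddress.ip_network(ev["src_ip"] + "/24", strict=False)
            count = int(ev.get("records", 0))
        except (ValueError, KeyError, TypeError):
            continue  # skip malformed or incomplete events, keep reviewing
        networks[tok].add(net)
        if ev.get("action") in EXPORT_ACTIONS:
            exported[tok] += count
    findings = {}
    for tok, nets in networks.items():
        reasons = []
        if exported[tok] > max_export_records:
            reasons.append(f"exported {exported[tok]} records")
        if len(nets) > max_networks:
            reasons.append(f"used from {len(nets)} source networks")
        if reasons:
            findings[tok] = reasons
    return findings


if __name__ == "__main__":
    for token, reasons in triage(SAMPLE_LOG).items():
        print(token, "->", "; ".join(reasons))
```

Fixed thresholds are only a starting point: compare each token against its own historical baseline before treating a hit as confirmed misuse.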
Bottom line
This incident is a reminder that identity and token exposure in SaaS-linked ecosystems can quickly become a data-hijack problem. Organizations using outsourced support operations should prioritize credential hygiene, integration audits, and rapid third-party containment steps.
