TELUS Gives The Results Of Its Investigation Into A Cyber Incident From Earlier This Year

Earlier this year, news came out that TELUS might have been the victim of a cyberattack. Here’s what was said to be out in the wild at the time:

Canada’s second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently posted screenshots that apparently show private source code repositories and payroll records held by the company.

At the time, TELUS said that they were investigating this. And today we have the results of that investigation:

We have concluded our investigation of this incident and have discovered that no systems used to support our customers were impacted, and that TELUS Health and TELUS Agriculture & Consumer Goods were not impacted in any way. 

We also discovered that a small amount of customer data may have been accessed by an unauthorized third party. While our ongoing monitoring has not discovered evidence of any personal information appearing in any public forum, we will be notifying impacted customers in the coming days.

So this confirms that TELUS was pwned. And I have to wonder what “a small amount of customer data” means. Plus whatever amount of customer data that “may have been accessed by an unauthorized third party” is too much as no amount of customer data should ever get out into the wild. It will be interesting to see how many people get notified by TELUS. And finally, I have to wonder what effect this will have on TELUS as a brand. You can expect me to keep an eye on all of this.

Leave a Reply

%d bloggers like this: