Telus has confirmed it lately found a database being bought on the darkish internet that apparently contained worker contact info in addition to different delicate information. 

The comms large is at the moment investigating the matter to see how large the potential breach is, however preliminary reviews recommend that no company or retail buyer information was taken. 

Nonetheless, whoever buys the database may wreak severe havoc.

SIM swapping API

The corporate confirmed the information in a press release to The Register (opens in new tab): “We’re investigating claims {that a} small quantity of information associated to inside Telus supply code and choose Telus staff members’ info has appeared on the darkish internet,” Telus spokesperson Richard Gilhooley stated.

“We will verify that thus far our investigation, which we launched as quickly as we had been made conscious of the incident, has not recognized any company or retail buyer information.”

So what information was taken? As per the advert posted on BreachForums, the attacker is promoting 76,000 distinctive worker emails, and “inside info” on the workers pulled from the corporate’s API. Just one entity should purchase the database, for a sum subsequently agreed upon. 

Nonetheless in one other, seperate submit, the publication discovered the identical risk actor providing the whole e mail database for $7,000, and a payroll database (counting 770 workers members, together with high-ranking people) for $6,000. 

Maybe extra apparently, the hacker can be promoting Telus’ complete personal supply code and GitHub repositories, together with the SIM swap API, for $50,000. 

This one, consultants agree, is especially worrying. Chatting with The Register, Emsisoft risk analyst Brett Callow defined how the client may use the information to run harmful SIM-swapping assaults: by transferring the cellphone quantity related to an account to a SIM card of their possession, the attackers would be capable of bypass multi-factor authentication and different one-time safety codes, to achieve entry to even most protected accounts. 

• These are one of the best endpoint safety software program (opens in new tab) proper now