TELUS Investigating Leak of Stolen Source Code, Employee Data

Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. BleepingComputer reports: The threat actor subsequently posted screenshots that apparently show private source code repositories and payroll records held by the company. TELUS has so far not found evidence of corporate or retail customer data being stolen and continues to monitor the potential incident. On February 17, a threat actor put up what they claim to be TELUS' employee list (comprising names and email addresses) for sale on a data breach forum. 'TELUS employes [sic] from a very recent breach. We have over 76K unique emails and on top of this, we have internal information associated with each employee scraped from Telus' API,' states the forum post.

While BleepingComputer has been unable to confirm the veracity of threat actor's claims just yet, the small sample set posted by the seller does have valid names and email addresses corresponding to present-day TELUS employees, particularly software developers and technical staff. By Tuesday, February 21, the same threat actor had created another forum post -- this time offering to sell TELUS' private GitHub repositories, source code, as well as the company's payroll records. The seller further boasts that the stolen source code contains the company's 'sim-swap-api' that will purportedly enable adversaries to carry out SIM swap attacks.

Read more of this story at Slashdot.