Hundreds of employee records offered for sale on 'dark web'

Posting on criminal forum claims to have 'internal information associated with each employee' at Canadian company

Hundreds of employee records offered for sale on 'dark web'

TELUS is said to be investigating a breach of employee data after concerning messages were posted online by someone on a criminal forum.

“Today we’re selling email lists of TELUS employees from a very recent breach,” said the Feb. 17 post by “Sieze,” according to IT World Canada.

“We have over 76k unique emails and on top of this have internal information associated with each employee scraped from Telus’ API.”

A Feb. 21 posting also has the poster asking for US$7,000 for the database file of “every person that works at Telus”; US$6,000 for a payroll file with 770 records of “all of the white collar workers … including the president of Telus”; and US$50,000 for all of the allegedly copied data, including a list of Telus private Github repositories, subdomains, and screenshots.

In response, the company is looking into the allegation, Richard Gilhooley, director of public affairs at TELUS in Vancouver, told IT World Canada.

“We are investigating claims that a small amount of data related to internal TELUS source code and select TELUS team members’ information has appeared on the dark web,” he said in an email. “We can confirm that to this point our investigation, which we launched as soon as we were made aware of the incident, has not identified any corporate or retail customer data.”

Indigo breach

Similarly, Indigo experienced a ransomware attack on Feb. 8. And after engaging third-party experts to investigate, it learned some employee data was “improperly accessed.”

“Our staff are at the very heart of our organization, and we take their privacy and security seriously. We deeply regret this incident and are committed to ensuring employees have the support they need.”

To provide additional assurance and protection to employees, Indigo says it has retained the assistance of TransUnion of Canada, a consumer reporting agency, to offer two years of credit monitoring and identity theft protection services at no cost.

It is also working with third party experts to strengthen its cybersecurity practices, enhance data security measures and review existing controls.

Risks of cyber attacks

While CEOs say cybersecurity is amongst their top concerns in the workplace, Canadian organizations say they're underprepared for a cyberattack, according to a recent KPMG report. Also of concern: Just over a third (34 per cent) of employees express little-to-no concern about data theft at work, and 16 per cent believe they can't be targeted at all by cyber criminals, finds another survey.

If the data being sold is real, it’s a “potentially serious incident which exposes TELUS’ employees to increased risk of phishing and social engineering and, by extension, exposes the company’s customers’ to risk,” says Brett Callow, threat analyst for Emsisoft, in IT World Canada.

Employees are more likely to become victims of HR-related phishing emails, a new report has found, which underscored how business-related frauds are gaining momentum.


Latest stories