Telus logo or sign on a modern building. Telus is a tele-communications company

TELUS Digital breach explained: what we know about the alleged cyberattack

TELUS Digital has confirmed it is investigating a cybersecurity incident after hackers claimed they stole almost 1 petabyte of company and customer data in a prolonged breach.

The incident is attracting attention not just because of the alleged scale, but because of what TELUS Digital actually does. As a business process outsourcing (BPO) provider, the company handles customer support, AI services, moderation, and operational systems for businesses around the world.

That means a breach affecting TELUS Digital could potentially expose information linked to multiple companies and millions of people through a single attack. 

What TELUS Digital has confirmed

TELUS Digital has publicly confirmed that it experienced a cybersecurity incident involving “unauthorised access to a limited number of systems”. 

In a statement, the company said it had:

  • Secured affected systems 
  • Engaged cyber forensic experts 
  • Involved law enforcement 
  • Begun notifying impacted customers where appropriate.  

What hackers are claiming

The group allegedly behind the attack is known as ShinyHunters, a well-known cybercrime operation linked to a number of major global breaches. 

According to reports, the hackers claim they stole close to 1 petabyte of data from TELUS Digital systems and customer environments. That is an enormous amount of information. 

The attackers reportedly claim the stolen data includes: 

  • Customer support records 
  • Call centre data 
  • Voice recordings 
  • Call metadata 
  • Internal corporate information 
  • Source code 
  • Financial data 
  • Salesforce-related information 
  • AI moderation and support tooling data. 

At this stage, these claims have not been independently verified in full. 

How the breach allegedly happened

According to cybersecurity reporting, the attackers claim they gained access using Google Cloud credentials discovered in data stolen during a separate breach involving Salesloft Drift. 

The alleged chain of events is significant because it highlights how one breach can potentially lead to others. 

The hackers claim they: 

  • Found cloud credentials in previously stolen support data 
  • Used those credentials to access TELUS systems 
  • Searched internal environments for additional secrets and authentication tokens  
  • Expanded access into other company systems and datasets.  

This approach is increasingly common in modern cyberattacks, with a successful attack against one outsourcing provider potentially exposing information connected to many different organisations at once. That is one reason cybersecurity experts increasingly view outsourcing providers as high-value targets. 

Could UK customers be affected?

Yes. A notification sent by Telus International (U.K.) Ltd. confirms that some personal data was contained in systems accessed by an unauthorised third party.  

According to the notice, the incident was first identified on 12 November 2025, with the company later confirming on 18 March 2026 that certain individuals’ data was contained within the affected systems. 

The notice states that the exposed information may include:

  • Names 
  • Email addresses 
  • Phone numbers 
  • Physical addresses 
  • Dates of birth.  

TELUS Digital says it has no evidence of actual harm at this stage. However, affected individuals are being offered 12 months of monitoring services through TransUnion TrueIdentity as a precaution. 

The company is also warning people to remain alert for: 

  • Phishing emails 
  • Scam phone calls  
  • Fake payment requests 
  • Messages impersonating TELUS or TELUS Digital.  

That warning matters because breaches involving names, contact details, and dates of birth can increase the risk of social engineering attacks and identity fraud attempts, even where financial data is not involved directly.

The notification also suggests the incident timeline may stretch back several months before public confirmation, raising further questions about how long attackers may have had access to systems and data. 

What should affected customers do?

If you believe your information may have been exposed, sensible precautionary steps include:

  • Changing passwords linked to affected accounts 
  • Using unique passwords for different services 
  • Enabling multi-factor authentication (MFA) 
  • Monitoring bank accounts and online accounts 
  • Watching for suspicious emails, texts, or calls 
  • Being cautious of unexpected customer support contact.  

We are continuing to monitor developments closely, including any further disclosures about what data was accessed and which companies or individuals may have been affected. We will provide updates as they happen.  

Join the Claim connects consumers with SRA-regulated lawyers. Keep an eye out for updates on any potential claim and possible eligibility checks/registration opportunities.

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

Close-up of a person using a smartphone with the ChatGPT app open.
Are ChatGPT conversations appearing in Google search results? Here’s what we know.
Reports claim ChatGPT conversations are appearing in Google search results. We examine what's really happening.
Woman holding iPhone with logo of application Booking.com on the screen, using mobile application
Booking.com faces proposed £2 billion consumer claim over hotel prices
A proposed £2 billion claim alleges Booking.com's pricing practices inflated hotel costs for millions of UK travellers. Here's what we know so far.
Warning to supermarket store workers: If you want equal pay compensation, you’ll need to claim it!
Many UK supermarket workers are confused about equal pay claims. Learn why backpay isn’t automatic and what opt-in group actions really mean.
Close-up of the NHS - National Health Service logo on the exterior of St. Thomas Hospital in London, UK
What is the NHS Single Patient Record, and why is it being debated?
Plans for a NHS Single Patient Record moved a step closer last week. But there are important questions about privacy & data security.
Teenagers with smartphones on social media near white wall indoors
Social media is facing growing scrutiny. Here’s why.
Explore the growing debate around social media safety, online harms, platform accountability, child safety, addictive features and digital rights.
An expert hacker is decrypting data while hiding their face
Hackers are changing tactics – and it could mean more data breaches
Hackers are increasingly exploiting software vulnerabilities rather than stealing passwords. Here's what that could mean for UK consumers.
Managing the validity of digital document checklists
New data complaint rules are coming in June 2026
New data protection complaint rules take effect on 19 June 2026. Find out what organisations must do and what the changes mean for consumers.
Hand holding a digital ID card with user profile symbol.
Digital ID plans move into next phase — but key questions remain
The government's digital ID plans have entered a new phase with the launch of a 120-member People's Panel. 
Text STUDENT LOAN visible through magnifier, money and stack of books on light table against blackboard
Why plain English matters in financial agreements
A new parliamentary inquiry found thousands of graduates did not properly understand their student loan terms. Here’s why plain English matters in financial products and legal agreements.
Woman is shocked from the rising energy costs and the bill she received for heat and electricity for her household.
UK energy bills to rise again as Iran conflict hits gas prices
UK household energy bills are set to rise by 13% from July 2026 after global gas prices surged during the Iran conflict. Here’s what it could mean for households.
Black British passport on UK Union Jack flag close up
UK visa portal data leak exposes passports and personal documents 
Thousands of passport scans and personal documents were reportedly exposed online after a third-party UK Visa Portal website left files publicly accessible.
boy scrolling through social media on his mobile phone
Is social media the next “big tobacco”?
The UK government is considering tougher social media restrictions for children. Could this lead to large-scale legal claims against tech platforms?
What we’ve been working on at Join the Claim in May
A round-up of what we’ve been working on in May at Join the Claim, including claims to watch, legal developments and practical consumer guides.
A business person using laptop with visual screen Scam Alert warning sign for scams with icons
Scam alert update: May 2026
Stay alert this May with the latest scam warnings from Join the Claim
Office, serious and business woman on laptop for class actions
Could opt-out class actions expand in the UK? What consumers need to know
The UK is reviewing whether opt-out class actions could expand beyond competition law. Here’s what the proposed reforms could mean.
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.

© Join the Claim All Rights Reserved |

2026
Go to claims