Hackers Breach Telefónica’s Internal System, Exposing Sensitive Data on Dark Web

Hackers Breach Telefónica's Internal System, Exposing Sensitive Data on Dark Web

Telefónica Data Breach: Internal Ticketing System Compromised

Spanish telecommunications giant Telefónica has confirmed a security breach in its internal ticketing system, following the leak of sensitive data on a hacking forum. The company, which operates in twelve countries and employs over 104,000 people, discovered unauthorized access to their Jira development and ticketing server.

The breach, claimed by four hackers using the aliases DNA, Grep, Pryx, and Rey, occurred through compromised employee credentials. The attackers reportedly extracted approximately 2.3 GB of documents, tickets, and various data before Telefónica detected the intrusion and implemented password resets on affected accounts.

According to one of the attackers, Pryx, the compromised system was used for reporting and resolving internal issues. While some data was labeled as customer-related, the tickets were primarily associated with @telefonica.com email addresses, suggesting they may have been internal tickets created on behalf of customers.

Three of the attackers – Grep, Pryx, and Rey – are known members of the Hellcat Ransomware operation, which recently claimed responsibility for a similar breach at Schneider Electric, where 40GB of data was stolen from their JIRA server.

Telefónica has initiated an investigation to determine the full extent of the breach and has implemented measures to prevent further unauthorized access to their systems. Unlike typical ransomware attacks, the hackers did not attempt to extort the company before leaking the data online.

Share This Article