- This mini SSD enclosure transformed my data management - and I never leave home without it
- My favorite GPS tracker has unlimited battery life and surprisingly accurate tracking
- Data Decay and Cybersecurity: Understanding The Risks And Mitigating The Impact On Your Business
- Multicast fairness in high frequency trading environments
- Strengthening Cybersecurity: CMMC with Cisco's NIST Cybersecurity Framework 2.0 Mapping
Telefonica Breach Hits 20,000 Employees and Exposes Jira Details
Telco giant Telefonica has confirmed a breach of its internal systems, with hackers claiming to have stolen over 236,000 lines of customer data.
Four threat actors posted an exfiltrated Jira database on a hacking forum late last week, according to screenshots shared on X (formerly Twitter).
They claimed it contains 236,493 lines of customer data, 469,724 lines of internal ticketing data and over 5000 internal PDFs, Word, PowerPoint and other documents.
According to ethical hacking company, Wire Tor, three of the threat actors are known to be part of the Hellcat ransomware group, with an estimated 2.3GB of data stolen.
Read more on Telefonica breaches: Telefonica Calls Authorities after Massive Breach
“We have become aware of unauthorized access to an internal ticketing system,” Telefonica admitted in a statement. “We are currently investigating the extent of the incident and have taken the necessary steps to block any unauthorized access.”
Cybersecurity vendor, Hudson Rock, claimed to have spoken to the perpetrators and found that they used infostealer malware to compromise over 15 Telefonica employees, gaining credentials from them for initial access.
“Once inside, the attackers … strategically used social engineering to expand their access,” the firm continued.
“Notably, they targeted two employees with administrative privileges, tricking them into revealing the correct server for brute-forcing SSH access. This multi-faceted approach highlights the evolving complexity of cyber-threats.”
Hudson Rock claimed that the breach has exposed 24,000 Telefonica employee emails and names, and 500,000 Jira issues and summaries.
“The data includes summaries of internal Jira issues, which can reveal sensitive operational details, project plans and vulnerabilities within Telefonica’s infrastructure. This poses a significant risk as it could be used to map out internal workflows and exploit weaknesses,” Hudson Rock warned.
The security vendor also claimed that the 5000 internal docs stolen by the threat actors “likely contain” confidential information relating to strategic plans and internal communications, which may further compromise the telco’s operational security.
“The breach was essentially imminent. In 2024 alone, Hudson Rock identified that Telefonica had a staggering 531 employee computers infected by infostealers, meaning 531 different employees downloaded and executed infostealing malware,” it added.
“Each infection led to corporate credentials being stolen from their computers and falling into the hands of hackers.”
Image credit: Jose Miguel Sanchez / Shutterstock.com
