Telus Digital (Canadian BPO providing outsourced customer support, content moderation, and AI services) confirmed a multi-month breach on March 12, 2026. ShinyHunters claimed credit, alleging theft of nearly 1 petabyte of data. Attackers found GCP credentials in a Drift data export, used them to access BigQuery, then ran trufflehog to discover additional credentials enabling lateral movement. Stolen data allegedly included customer support records, agent performance data, AI training data, call recordings, FBI background checks, Salesforce data, source code, and financial information for numerous BPO client companies. ShinyHunters demanded $65 million and received no response. The breach is potentially related to simultaneous attacks on Crunchyroll and Hims & Hers, both Telus Digital BPO clients, via compromised Okta SSO accounts.