16/68 Monday, January 13, 2025
Telefónica, a Spanish telecommunications giant, has confirmed that its internal ticketing system was hacked after stolen data was published on a hacking forum. The company revealed that it has blocked access to the system and is conducting a thorough investigation into the incident. Telefónica, one of Spain’s largest multinational telecommunications companies, employs over 104,000 people and operates in 12 countries.
The breach occurred after attackers used stolen employee account credentials to access the system. The attackers claimed to have extracted approximately 2.3 GB of documents and internal tickets, some of which may involve customer-related information. However, the majority of the tickets were generated through internal emails ending with @telefonica.com to report internal issues.
The attackers behind this breach, identifying themselves as DNA, Grep, Pryx, and Rey, stated that they did not demand ransom or negotiate with Telefónica before leaking the data. Pryx told BleepingComputer that the attack occurred just yesterday. In response, Telefónica promptly reset the passwords of the compromised accounts.
Additionally, members of the group Grep, Pryx, and Rey are reportedly associated with the “Hellcat Ransomware” group, which previously targeted Schneider Electric, stealing over 40 GB of data from the company’s Jira servers during a previous attack.
