Telus Digital confirmed unauthorized access attributed to ShinyHunters, with the threat actor claiming exfiltration of approximately 1 petabyte of data including potential customer PII, internal credentials, and proprietary network data — though the claimed volume has not been independently verified by Telus. This is not a CVE-based vulnerability but an active breach event with third-party risk implications for any organization sharing integrations, credentials, or data pipelines with Telus Digital. Organizations with Telus supply chain relationships should immediately suspend shared credentials, review access logs for T1078 indicators, and initiate third-party incident notification procedures.