by matrixgard
92 days ago
A breach at this scale almost never comes from a single access event — moving a petabyte takes time, and that kind of sustained egress usually means either the detection tooling wasn't watching outbound data flows, or alerts fired and got buried in noise. "1 petabyte" from a hacker claim is probably inflated, but even 5-10% of that is catastrophic depending on what's in it.

What's worth paying attention to here is that Telus Digital is a BPO/outsourcing company, which means the blast radius almost certainly extends to their clients. If your company has API integrations with Telus Digital, or gave them any kind of federated access to internal systems, now is the time to audit what they held and rotate anything they could have touched. Downstream credential exposure in third-party breaches is consistently underreacted to.

The employee data angle is also interesting: that usually means developer workstations and internal tooling were in scope, not just the customer-facing layer. Makes the "how did detection miss it" question even harder. Does anyone know if Telus Digital ran a shared SOC across their outsourcing clients, or was each client siloed?