telefonica

In January 2025, Telefónica, a prominent Spanish multinational telecommunications company, experienced a significant data breach. The breach was orchestrated by members of the Hellcat ransomware group, who utilized infostealer malware to compromise the credentials of over 15 Telefónica employees. This unauthorized access allowed the attackers to infiltrate the company's internal Jira ticketing system. The compromised data includes approximately 236,493 lines of customer information, 469,724 lines of internal ticket data, and over 5,000 internal documents in various formats such as CSV, PPTX, XLSX, DOCX, PDF, and MSG. Notably, the exposed information encompasses summaries of internal Jira issues, which could reveal sensitive operational details, project plans, and potential vulnerabilities within Telefónica's infrastructure. The attackers did not attempt to extort the company; instead, they publicly released the stolen data on a hacking forum. In response, Telefónica has initiated an investigation and implemented measures to block any further unauthorized access to their systems.

Data Included in the Breach