- A threat actor claims to have stolen 106 GB of sensitive telefónica files
- Telefónica says that the files were old, stolen from a previous incident
- A sample was shared with the media, with the complete lot that will soon follow
A cybercriminal threatens to release more than 100 GB of sensitive data stolen from the Spanish telecommunications giant Telefónica.
In January 2025, the company underwent a violation of data in hand of the exploitation of hellcat ransomware. At the time, the group broke into Telco via an internal Jira development and ticket office server.
Among the members of the group is a threat of the alias Rey, who said that while Telefónica addressed a defect, he created another, giving them 12 hours of uninterrupted data exfiltration. During this time, which, according to Rey, was at the end of May 2025, they would have stolen 106 GB of sensitive files, counting more than 380,000 internal communications files, purchase orders, newspapers, customer folders and various data from employees.
Old incident, or new?
The pirate published a small sample of 2.6 GB and threatens to release everything unless a payment is made.
But Telefónica minimizes the incident. Talk to Bleeping CompomputeA Telefónica O2 employee said the data was old and that there was no new violation.
To prove the authenticity of the data, Rey shared a sample with Bleeping Computer, including a file tree.
“Some files included invoices of commercial customers in several countries, notably Hungary, Germany, Spain, Chile and Peru,” said the publication.
“In the files we received, there were email addresses for employees in Spain, Germany, Peru, Argentina and Chile, and invoices for business partners or customers in European countries.”
Although the data found in the sample is from 2021 and more, the publication said that some of the emails he saw belonging to the “active employees”.
“Since Telefonica has denied a recent 106 GB violation containing data from its internal infrastructure, I publish 5 GB here as proof. Soon, I will publish the complete file tree, and in the coming weeks, if Telefonica does not comply, all the archives will be published.;) ” – Rey said.
